Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

CVE Issued by Tag CVE ID CVE Title
Microsoft.NET and Visual Studio CVE-2024-30105 .NET Core and Visual Studio Denial of Service Vulnerability
Microsoft.NET and Visual Studio CVE-2024-38095 .NET and Visual Studio Denial of Service Vulnerability
Microsoft.NET and Visual Studio CVE-2024-35264 .NET and Visual Studio Remote Code Execution Vulnerability
Microsoft.NET and Visual Studio CVE-2024-38081 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
GithubActive Directory Rights Management Services CVE-2024-39684 Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability
GitHubActive Directory Rights Management Services CVE-2024-38517 Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability
MicrosoftAzure CycleCloud CVE-2024-38092 Azure CycleCloud Elevation of Privilege Vulnerability
MicrosoftAzure DevOps CVE-2024-35266 Azure DevOps Server Spoofing Vulnerability
MicrosoftAzure DevOps CVE-2024-35267 Azure DevOps Server Spoofing Vulnerability
MicrosoftAzure Kinect SDK CVE-2024-38086 Azure Kinect SDK Remote Code Execution Vulnerability
MicrosoftAzure Network Watcher CVE-2024-35261 Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
MicrosoftGroupMe CVE-2024-38176 GroupMe Elevation of Privilege Vulnerability
MicrosoftGroupMe CVE-2024-38164 GroupMe Elevation of Privilege Vulnerability
IntelIntel CVE-2024-37985 Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers
MicrosoftLine Printer Daemon Service (LPD) CVE-2024-38027 Windows Line Printer Daemon Service Denial of Service Vulnerability
cve-coordination@google.comMariner CVE-2023-2976 Unknown
cve-coordination@google.comMariner CVE-2023-6817 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2023-52802 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26978 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26933 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-36481 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-38664 Unknown
cve@mitre.orgMariner CVE-2024-32487 Unknown
secalert@redhat.comMariner CVE-2022-41862 Unknown
security-officer@isc.orgMariner CVE-2022-2928 Unknown
security@huntr.devMariner CVE-2023-5535 Unknown
cve@mitre.orgMariner CVE-2024-37535 Unknown
security-officer@isc.orgMariner CVE-2022-2929 Unknown
cve@kernel.orgMariner CVE-2024-26984 Unknown
cve@mitre.orgMariner CVE-2024-31744 Unknown
openssl-security@openssl.orgMariner CVE-2023-5363 Unknown
openssl-security@openssl.orgMariner CVE-2023-6237 Unknown
openssl-security@openssl.orgMariner CVE-2024-4603 Unknown
cve@mitre.orgMariner CVE-2023-42282 Unknown
security@apache.orgMariner CVE-2024-38472 Unknown
cve@mitre.orgMariner CVE-2017-15371 Unknown
cve@mitre.orgMariner CVE-2021-43565 Unknown
cve@mitre.orgMariner CVE-2024-31584 Unknown
secalert@redhat.comMariner CVE-2023-6121 Unknown
cve@mitre.orgMariner CVE-2024-32616 Unknown
cve@mitre.orgMariner CVE-2024-33874 Unknown
security@apache.orgMariner CVE-2024-40898 Unknown
security@golang.orgMariner CVE-2023-45288 Unknown
secalert@redhat.comMariner CVE-2019-3816 Unknown
security@golang.orgMariner CVE-2024-24786 Unknown
secalert@redhat.comMariner CVE-2023-5156 Unknown
secalert@redhat.comMariner CVE-2023-4911 Unknown
cve@mitre.orgMariner CVE-2017-17522 Unknown
cve@mitre.orgMariner CVE-2007-4559 Unknown
cve@mitre.orgMariner CVE-2019-9674 Unknown
report@snyk.ioMariner CVE-2021-23336 Unknown
secalert@redhat.comMariner CVE-2022-3857 Unknown
secalert_us@oracle.comMariner CVE-2024-20961 Unknown
secalert_us@oracle.comMariner CVE-2024-20963 Unknown
cve@mitre.orgMariner CVE-2024-32623 Unknown
secalert_us@oracle.comMariner CVE-2024-20971 Unknown
security-advisories@github.comMariner CVE-2024-28863 Unknown
secalert@redhat.comMariner CVE-2024-3727 Unknown
cve@mitre.orgMariner CVE-2024-31755 Unknown
glibc-cna@sourceware.orgMariner CVE-2024-33601 Unknown
glibc-cna@sourceware.orgMariner CVE-2024-33602 Unknown
cve@mitre.orgMariner CVE-2024-29160 Unknown
cve@mitre.orgMariner CVE-2024-29165 Unknown
cve@mitre.orgMariner CVE-2024-29164 Unknown
cve@mitre.orgMariner CVE-2024-32614 Unknown
cve@mitre.orgMariner CVE-2024-32613 Unknown
cve@mitre.orgMariner CVE-2024-32612 Unknown
cve@mitre.orgMariner CVE-2017-15370 Unknown
cve@mitre.orgMariner CVE-2024-32618 Unknown
secalert_us@oracle.comMariner CVE-2024-20981 Unknown
cve@mitre.orgMariner CVE-2015-7747 Unknown
openssl-security@openssl.orgMariner CVE-2024-5535 Unknown
secalert@redhat.comMariner CVE-2020-27814 Unknown
secalert@redhat.comMariner CVE-2021-3847 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26913 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-36477 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-39291 Unknown
secalert@redhat.comMariner CVE-2023-2455 Unknown
cve@mitre.orgMariner CVE-2024-31583 Unknown
openssl-security@openssl.orgMariner CVE-2023-0464 Unknown
security-advisories@github.comMariner CVE-2023-22742 Unknown
cve@mitre.orgMariner CVE-2024-29161 Unknown
cve@mitre.orgMariner CVE-2024-33873 Unknown
cve@mitre.orgMariner CVE-2018-25032 Unknown
cve@mitre.orgMariner CVE-2023-45853 Unknown
openssl-security@openssl.orgMariner CVE-2023-5678 Unknown
cve@mitre.orgMariner CVE-2024-33877 Unknown
openssl-security@openssl.orgMariner CVE-2023-6129 Unknown
openssl-security@openssl.orgMariner CVE-2024-0727 Unknown
security-advisories@github.comMariner CVE-2023-27478 Unknown
cve@mitre.orgMariner CVE-2017-18214 Unknown
security-advisories@github.comMariner CVE-2024-37890 Unknown
security@apache.orgMariner CVE-2024-36387 Unknown
security@apache.orgMariner CVE-2024-38473 Unknown
security@apache.orgMariner CVE-2024-39884 Unknown
security-advisories@github.comMariner CVE-2024-29038 Unknown
security-advisories@github.comMariner CVE-2024-29039 Unknown
security-advisories@github.comMariner CVE-2024-37298 Unknown
cve@mitre.orgMariner CVE-2020-15503 Unknown
secalert@redhat.comMariner CVE-2020-27842 Unknown
security@apache.orgMariner CVE-2024-40725 Unknown
openssl-security@openssl.orgMariner CVE-2024-2511 Unknown
cve@mitre.orgMariner CVE-2024-32619 Unknown
cve@mitre.orgMariner CVE-2024-32620 Unknown
cve@mitre.orgMariner CVE-2024-32615 Unknown
secalert@redhat.comMariner CVE-2020-27824 Unknown
secalert@redhat.comMariner CVE-2020-27841 Unknown
secalert@redhat.comMariner CVE-2020-27843 Unknown
secalert@redhat.comMariner CVE-2020-27845 Unknown
cve@mitre.orgMariner CVE-2020-8597 Unknown
cve@mitre.orgMariner CVE-2020-8112 Unknown
security@huntr.devMariner CVE-2024-3651 Unknown
cve@mitre.orgMariner CVE-2019-20907 Unknown
cve@mitre.orgMariner CVE-2017-18207 Unknown
arm-security@arm.comMariner CVE-2023-4039 Unknown
secalert@redhat.comMariner CVE-2019-3833 Unknown
cve@mitre.orgMariner CVE-2021-33454 Unknown
security@golang.orgMariner CVE-2023-3978 Unknown
infosec@edk2.groups.ioMariner CVE-2024-1298 Unknown
secalert_us@oracle.comMariner CVE-2024-20965 Unknown
secalert_us@oracle.comMariner CVE-2024-20967 Unknown
secalert_us@oracle.comMariner CVE-2024-20969 Unknown
secalert_us@oracle.comMariner CVE-2024-20977 Unknown
secalert_us@oracle.comMariner CVE-2024-20973 Unknown
secalert_us@oracle.comMariner CVE-2024-20985 Unknown
security-advisories@github.comMariner CVE-2024-28182 Unknown
secalert@redhat.comMariner CVE-2024-5742 Unknown
security-advisories@github.comMariner CVE-2024-37891 Unknown
security@golang.orgMariner CVE-2023-39325 Unknown
cve@mitre.orgMariner CVE-2024-34250 Unknown
cve@mitre.orgMariner CVE-2024-29158 Unknown
cve@mitre.orgMariner CVE-2024-29162 Unknown
cve@mitre.orgMariner CVE-2024-29163 Unknown
cve@mitre.orgMariner CVE-2024-32605 Unknown
secalert@redhat.comMariner CVE-2020-27823 Unknown
MicrosoftMicrosoft Defender for IoT CVE-2024-38089 Microsoft Defender for IoT Elevation of Privilege Vulnerability
MicrosoftMicrosoft Dynamics CVE-2024-30061 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
MicrosoftMicrosoft Dynamics CVE-2024-38182 Microsoft Dynamics 365 Elevation of Privilege Vulnerability
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6988 Chromium: CVE-2024-6988 Use after free in Downloads
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6991 Chromium: CVE-2024-6991 Use after free in Dawn
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7004 Chromium: CVE-2024-7004 Insufficient validation of untrusted input in Safe Browsing
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7003 Chromium: CVE-2024-7003 Inappropriate implementation in FedCM
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7001 Chromium: CVE-2024-7001 Inappropriate implementation in HTML
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7000 Chromium: CVE-2024-7000 Use after free in CSS
MicrosoftMicrosoft Edge (Chromium-based) CVE-2024-38103 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6774 Chromium: CVE-2024-6774 Use after free in Screen Capture
MicrosoftMicrosoft Edge (Chromium-based) CVE-2024-38156 Microsoft Edge (Chromium-based) Spoofing Vulnerability
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6779 Chromium: CVE-2024-6779 Out of bounds memory access in V8
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6773 Chromium: CVE-2024-6773 Type Confusion in V8
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6772 Chromium: CVE-2024-6772 Inappropriate implementation in V8
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6775 Chromium: CVE-2024-6775 Use after free in Media Stream
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6776 Chromium: CVE-2024-6776 Use after free in Audio
ChromeMicrosoft Edge (Chromium-based) CVE-2024-7005 Chromium: CVE-2024-7005 Insufficient validation of untrusted input in Safe Browsing
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6992 Chromium: CVE-2024-6992
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6995 Chromium: CVE-2024-6995 Inappropriate implementation in Fullscreen
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6993 Chromium: CVE-2024-6993
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6778 Chromium: CVE-2024-6778 Race in DevTools
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6989 Chromium: CVE-2024-6989 Use after free in Loader
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6999 Chromium: CVE-2024-6999 Inappropriate implementation in FedCM
Adobe Systems IncorporatedMicrosoft Edge (Chromium-based) CVE-2024-39379 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6996 Chromium: CVE-2024-6996 Race in Frames
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6997 Chromium: CVE-2024-6997 Use after free in Tabs
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6994 Chromium: CVE-2024-6994 Heap buffer overflow in Layout
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6998 Chromium: CVE-2024-6998 Use after free in User Education
ChromeMicrosoft Edge (Chromium-based) CVE-2024-6777 Chromium: CVE-2024-6777 Use after free in Navigation
MicrosoftMicrosoft Graphics Component CVE-2024-38079 Windows Graphics Component Elevation of Privilege Vulnerability
MicrosoftMicrosoft Graphics Component CVE-2024-38051 Windows Graphics Component Remote Code Execution Vulnerability
MicrosoftMicrosoft Office CVE-2024-38021 Microsoft Outlook Remote Code Execution Vulnerability
MicrosoftMicrosoft Office Outlook CVE-2024-38020 Microsoft Outlook Spoofing Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2024-32987 Microsoft SharePoint Server Information Disclosure Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2024-38024 Microsoft SharePoint Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2024-38023 Microsoft SharePoint Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2024-38094 Microsoft SharePoint Remote Code Execution Vulnerability
MicrosoftMicrosoft Streaming Service CVE-2024-38054 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
MicrosoftMicrosoft Streaming Service CVE-2024-38057 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
MicrosoftMicrosoft Streaming Service CVE-2024-38052 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
MicrosoftMicrosoft Windows Codecs Library CVE-2024-38056 Microsoft Windows Codecs Library Information Disclosure Vulnerability
MicrosoftMicrosoft Windows Codecs Library CVE-2024-38055 Microsoft Windows Codecs Library Information Disclosure Vulnerability
MicrosoftMicrosoft WS-Discovery CVE-2024-38091 Microsoft WS-Discovery Denial of Service Vulnerability
MicrosoftNDIS CVE-2024-38048 Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability
CERT/CCNPS RADIUS Server CVE-2024-3596 CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
Red Hat, Inc.Open Source Software CVE-2024-6387 RedHat Openssh: CVE-2024-6387 Remote Code Execution Due To A Race Condition In Signal Handling
MicrosoftRole: Active Directory Certificate Services; Active Directory Domain Services CVE-2024-38061 DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability
MicrosoftRole: Windows Hyper-V CVE-2024-38080 Windows Hyper-V Elevation of Privilege Vulnerability
MicrosoftSQL Server CVE-2024-21414 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21449 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37324 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37323 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37322 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37321 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37320 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37319 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21425 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21331 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21317 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21308 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21303 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-20701 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-35272 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-35271 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-38088 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-38087 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37326 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21332 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21333 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21335 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37331 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37332 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37318 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21428 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21415 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21373 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-21398 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37327 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37328 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37329 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37330 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37334 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37333 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-37336 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-28928 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftSQL Server CVE-2024-35256 SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
MicrosoftWindows BitLocker CVE-2024-38058 BitLocker Security Feature Bypass Vulnerability
MicrosoftWindows COM Session CVE-2024-38100 Windows File Explorer Elevation of Privilege Vulnerability
MicrosoftWindows CoreMessaging CVE-2024-21417 Windows Text Services Framework Elevation of Privilege Vulnerability
MicrosoftWindows Cryptographic Services CVE-2024-30098 Windows Cryptographic Services Security Feature Bypass Vulnerability
MicrosoftWindows DHCP Server CVE-2024-38044 DHCP Server Service Remote Code Execution Vulnerability
MicrosoftWindows Distributed Transaction Coordinator CVE-2024-38049 Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
MicrosoftWindows Enroll Engine CVE-2024-38069 Windows Enroll Engine Security Feature Bypass Vulnerability
MicrosoftWindows Fax and Scan Service CVE-2024-38104 Windows Fax Service Remote Code Execution Vulnerability
MicrosoftWindows Filtering CVE-2024-38034 Windows Filtering Platform Elevation of Privilege Vulnerability
MicrosoftWindows Image Acquisition CVE-2024-38022 Windows Image Acquisition Elevation of Privilege Vulnerability
MicrosoftWindows Imaging Component CVE-2024-38060 Windows Imaging Component Remote Code Execution Vulnerability
MicrosoftWindows Internet Connection Sharing (ICS) CVE-2024-38053 Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability
MicrosoftWindows Internet Connection Sharing (ICS) CVE-2024-38101 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
MicrosoftWindows Internet Connection Sharing (ICS) CVE-2024-38102 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
MicrosoftWindows iSCSI CVE-2024-35270 Windows iSCSI Service Denial of Service Vulnerability
MicrosoftWindows Kernel CVE-2024-38041 Windows Kernel Information Disclosure Vulnerability
MicrosoftWindows Kernel-Mode Drivers CVE-2024-38062 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
MicrosoftWindows Layer-2 Bridge Network Driver CVE-2024-38105 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
MicrosoftWindows LockDown Policy (WLDP) CVE-2024-38070 Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability
MicrosoftWindows Message Queuing CVE-2024-38017 Microsoft Message Queuing Information Disclosure Vulnerability
MicrosoftWindows MSHTML Platform CVE-2024-38112 Windows MSHTML Platform Spoofing Vulnerability
MicrosoftWindows MultiPoint Services CVE-2024-30013 Windows MultiPoint Services Remote Code Execution Vulnerability
MicrosoftWindows NTLM CVE-2024-30081 Windows NTLM Spoofing Vulnerability
MicrosoftWindows Online Certificate Status Protocol (OCSP) CVE-2024-38068 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
MicrosoftWindows Online Certificate Status Protocol (OCSP) CVE-2024-38031 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
MicrosoftWindows Online Certificate Status Protocol (OCSP) CVE-2024-38067 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
MicrosoftWindows Performance Monitor CVE-2024-38025 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
MicrosoftWindows Performance Monitor CVE-2024-38028 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
MicrosoftWindows Performance Monitor CVE-2024-38019 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
MicrosoftWindows PowerShell CVE-2024-38033 PowerShell Elevation of Privilege Vulnerability
MicrosoftWindows PowerShell CVE-2024-38043 PowerShell Elevation of Privilege Vulnerability
MicrosoftWindows PowerShell CVE-2024-38047 PowerShell Elevation of Privilege Vulnerability
MicrosoftWindows Remote Access Connection Manager CVE-2024-30071 Windows Remote Access Connection Manager Information Disclosure Vulnerability
MicrosoftWindows Remote Access Connection Manager CVE-2024-30079 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
MicrosoftWindows Remote Desktop CVE-2024-38076 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
MicrosoftWindows Remote Desktop CVE-2024-38015 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38072 Windows Remote Desktop Licensing Service Denial of Service Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38073 Windows Remote Desktop Licensing Service Denial of Service Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38074 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38077 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38071 Windows Remote Desktop Licensing Service Denial of Service Vulnerability
MicrosoftWindows Remote Desktop Licensing Service CVE-2024-38099 Windows Remote Desktop Licensing Service Denial of Service Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37977 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37975 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37973 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-28899 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37972 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-38065 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37971 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37969 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37988 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37974 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37989 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37981 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37986 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37987 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-38010 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-38011 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37984 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37970 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-26184 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Secure Boot CVE-2024-37978 Secure Boot Security Feature Bypass Vulnerability
MicrosoftWindows Server Backup CVE-2024-38013 Microsoft Windows Server Backup Elevation of Privilege Vulnerability
MicrosoftWindows TCP/IP CVE-2024-38064 Windows TCP/IP Information Disclosure Vulnerability
MicrosoftWindows Themes CVE-2024-38030 Windows Themes Spoofing Vulnerability
MicrosoftWindows Win32 Kernel Subsystem CVE-2024-38085 Windows Graphics Component Elevation of Privilege Vulnerability
MicrosoftWindows Win32K - GRFX CVE-2024-38066 Windows Win32k Elevation of Privilege Vulnerability
MicrosoftWindows Win32K - ICOMP CVE-2024-38059 Win32k Elevation of Privilege Vulnerability
MicrosoftWindows Workstation Service CVE-2024-38050 Windows Workstation Service Elevation of Privilege Vulnerability
MicrosoftXBox Crypto Graphic Services CVE-2024-38078 Xbox Wireless Adapter Remote Code Execution Vulnerability
MicrosoftXBox Crypto Graphic Services CVE-2024-38032 Microsoft Xbox Remote Code Execution Vulnerability

CVE-2024-30061 - Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30061
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
Weakness: CWE-285 : Improper Authorization
CVSS:

CVSS:3.1 Highest BaseScore:7,3/TemporalScore:6,4
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must be on the network to monitor domain network traffic (PR:L) while monitoring for user (UI:R) generated network traffic, or alternatively that attacker convinces an authenticated user to execute a malicious script, as a step to exploit this vulnerability.


What type of information could be disclosed by this vulnerability?

This vulnerability discloses data stored in the underlying datasets in Dataverse, that could include Personal Identifiable Information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30061
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Dynamics 365 (on-premises) version 9.1 5037940 (Security Update) Important Information Disclosure None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
9.1.28.09 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30061 Erik Donker


CVE-2024-21417 - Windows Text Services Framework Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21417
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Text Services Framework Elevation of Privilege Vulnerability
Weakness: CWE-862 : Missing Authorization
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level or a High Integrity Level.

Please refer to AppContainer isolation and Mandatory Integrity Control for more information.


According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21417
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21417 None

CVE-2024-28899 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28899
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-121 : Stack-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


How could an attacker successfully exploit this vulnerability?

To exploit the vulnerability, an attacker who has physical access or Administrative rights to a target device could install a malicious .wim file


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28899
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28899 Azure Yang with Kunlun Lab


CVE-2024-30081 - Windows NTLM Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30081
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows NTLM Spoofing Vulnerability
Weakness: CWE-200 : Exposure of Sensitive Information to an Unauthorized Actor
CVSS:

CVSS:3.1 Highest BaseScore:7,1/TemporalScore:6,2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30081
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing
5039212
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Spoofing
5039212
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Spoofing 5039289
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Spoofing 5039289
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Spoofing 5039214 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Spoofing 5039214 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Spoofing 5039217
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Spoofing 5039217
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Spoofing 5039227
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Spoofing 5039227
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Spoofing 5039236 Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30081 Jimmy Bayne


CVE-2024-30098 - Windows Cryptographic Services Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30098
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Cryptographic Services Security Feature Bypass Vulnerability
Weakness: CWE-327 : Use of a Broken or Risky Cryptographic Algorithm
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

Are there any further actions I need to take to be protected from this vulnerability?

Yes. The Windows Smart Card infrastructure relies on the Cryptographic Service Provider (CSP) and Key Storage Provider (KSP) to isolate cryptographic operations from the Smart Card implementation. The KSP is part of the Crypto Next Generation (CNG) architecture and is intended to support modern smart cards. In the case of RSA based certificates, the Smart Card Certificate Propagation service automatically overrides the default and uses the CSP instead of the KSP. This limits usage to the cryptography provided by the CSP and does not benefit from the modern cryptography provided by the KSP.

Beginning with the July 2024 security updates released on July 9, 2024, this vulnerability will be addressed by removing the RSA override and using the KSP as the default. This change is initially disabled by default to allow customers to test it in their environment and to detect any application compatibility issues that might occur with this change. We intend to enable this change by default with a monthly security update in early 2025.

Please enable this fix and test applications in your environment that rely on RSA based certificates and smart cards. If you detect applications that rely on the old behavior of defaulting to the CSP, work with your application vendor to update the application so that the KSP can be used by default.

The fix can be enabled by setting the following registry key. Set the registry key to the value 1 to enable the fix for CVE-2024-30098.

Registry Subkey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais
Key Value name DisableCapiOverrideForRSA
Data Type REG_DWORD
Data Set to 1 to enable the fix for CVE-2024-30098 and set to 0 or remove the key to disable the fix.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to create a SHA1 hash collision successfully.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass digital signatures on a vulnerable system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


1.1    10/07/2024    

Added FAQ to explain how this vulnerability is being addressed and further actions customers must take to be protected from it. This is an informational change only.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30098
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30098 Anonymous


CVE-2024-35264 - .NET and Visual Studio Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35264
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: .NET and Visual Studio Remote Code Execution Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:7,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


How could an attacker exploit this vulnerability?

An attacker could exploit this by closing an http/3 stream while the request body is being processed leading to a race condition. This could result in remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35264
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 8.0 5041081 (Security Update) Important Remote Code Execution None Base: 8,1
Temporal: 7,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
8.0.7 Maybe None
Microsoft Visual Studio 2022 version 17.10 Release Notes (Security Update) Important Remote Code Execution None Base: 8,1
Temporal: 7,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.10.4 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Remote Code Execution None Base: 8,1
Temporal: 7,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.4.21 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Remote Code Execution None Base: 8,1
Temporal: 7,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.6.17 Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Remote Code Execution None Base: 8,1
Temporal: 7,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.8.12 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35264 Radek Zikmund of Microsoft Corporation


CVE-2024-35270 - Windows iSCSI Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35270
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows iSCSI Service Denial of Service Vulnerability
Weakness: CWE-400 : Uncontrolled Resource Consumption
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:4,6
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35270
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 5,3
Temporal: 4,6
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35270 Azure Yang with Kunlun Lab


CVE-2024-38088 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38088
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38088
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38088 Anonymous


CVE-2024-38087 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38087
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-415 : Double Free
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38087
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38087 Anonymous


CVE-2024-21332 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21332
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21332
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21332 Anonymous


CVE-2024-21333 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21333
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21333
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21333 Anonymous


CVE-2024-21335 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21335
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21335
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21335 Anonymous


CVE-2024-21373 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21373
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21373
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21373 Anonymous


CVE-2024-21398 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21398
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21398
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21398 Anonymous


CVE-2024-21414 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21414
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21414
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21414 Anonymous


CVE-2024-21415 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21415
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21415
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21415 Anonymous


CVE-2024-21428 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21428
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-190 : Integer Overflow or Wraparound
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21428
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21428 Anonymous


CVE-2024-37318 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37318
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37318
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37318 Anonymous


CVE-2024-37332 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37332
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37332
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37332 Yuki Chen


CVE-2024-37331 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37331
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37331
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37331 Anonymous


CVE-2024-37969 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37969
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-822 : Untrusted Pointer Dereference
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37969
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37969 Azure Yang with Kunlun Lab


CVE-2024-37970 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37970
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-121 : Stack-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37970
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37970 Azure Yang with Kunlun Lab


CVE-2024-37974 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37974
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-191 : Integer Underflow (Wrap or Wraparound)
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37974
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37974 Azure Yang with Kunlun Lab


CVE-2024-37981 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37981
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-191 : Integer Underflow (Wrap or Wraparound)
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37981
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37981 Azure Yang with Kunlun Lab


CVE-2024-37985 - Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37985
MITRE
NVD

Issuing CNA: Intel

CVE Title: Arm: CVE-2024-37985 Systematic Identification and Characterization of Proprietary Prefetchers
Weakness: CWE-1037 : Processor Optimization Removal or Modification of Security-critical Code
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,2
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


Why is this Intel CVE included in the Security Update Guide?

Intel assigned this CVE to a problem that affects certain ARM-based operating systems. This update mitigates against this vulnerability.

For more information on this vulnerability, please see: Systematic Identification and Characterization of Proprietary Prefetchers


What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37985
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37985

CVE-2024-37986 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37986
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-191 : Integer Underflow (Wrap or Wraparound)
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37986
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37986 Azure Yang with Kunlun Lab


CVE-2024-37987 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37987
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-843 CWE-122 : Access of Resource Using Incompatible Type ('Type Confusion') Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37987
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37987 Azure Yang with Kunlun Lab


CVE-2024-38013 - Microsoft Windows Server Backup Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38013
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Windows Server Backup Elevation of Privilege Vulnerability
Weakness: CWE-59 : Improper Link Resolution Before File Access ('Link Following')
CVSS:

CVSS:3.1 Highest BaseScore:6,7/TemporalScore:5,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker would be able to delete any system files.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38013
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 6,7
Temporal: 5,8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38013 3wyeye5 with OSR


CVE-2024-38015 - Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38015
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
Weakness: CWE-400 : Uncontrolled Resource Consumption
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


1.1    11/07/2024    

Updated acknowledgment. This is an informational change only.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38015
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38015 Lewis Lee & Zhiniang Peng


CVE-2024-38022 - Windows Image Acquisition Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38022
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Image Acquisition Elevation of Privilege Vulnerability
Weakness: CWE-59 : Improper Link Resolution Before File Access ('Link Following')
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:6,1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38022
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38022 BochengXiang(@Crispr) with FDU


goodbyeselene


CVE-2024-38023 - Microsoft SharePoint Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38023
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
Weakness: CWE-502 : Deserialization of Untrusted Data
CVSS:

CVSS:3.1 Highest BaseScore:7,2/TemporalScore:6,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit the vulnerability?

An authenticated attacker with Site Owner permissions or higher could upload a specially crafted file to the targeted SharePoint Server and craft specialized API requests to trigger deserialization of file's parameters. This would enable the attacker to perform remote code execution in the context of the SharePoint Server.


According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?

An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38023
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002618 (Security Update) Critical Remote Code Execution 5002604
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5456.1000
Maybe 5002618
Microsoft SharePoint Server 2019 5002615 (Security Update) Critical Remote Code Execution 5002602
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10412.20001
Maybe 5002615
Microsoft SharePoint Server Subscription Edition 5002606 (Security Update) Critical Remote Code Execution 5002603 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.17328.20424 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38023 zcgonvh


CVE-2024-38024 - Microsoft SharePoint Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38024
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
Weakness: CWE-502 : Deserialization of Untrusted Data
CVSS:

CVSS:3.1 Highest BaseScore:7,2/TemporalScore:6,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?

An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.


How could an attacker exploit the vulnerability?

An authenticated attacker with Site Owner permissions or higher could upload a specially crafted file to the targeted SharePoint Server and craft specialized API requests to trigger deserialization of file's parameters. This would enable the attacker to perform remote code execution in the context of the SharePoint Server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38024
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002618 (Security Update) Important Remote Code Execution 5002604
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5456.1000
Maybe 5002618
Microsoft SharePoint Server 2019 5002615 (Security Update) Important Remote Code Execution 5002602
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10412.20001
Maybe 5002615
Microsoft SharePoint Server Subscription Edition 5002606 (Security Update) Important Remote Code Execution 5002603 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.17328.20424 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38024 zcgonvh


cjm00n of Cyber Kunlun & Zhiniang Peng


CVE-2024-38025 - Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38025
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:7,2/TemporalScore:6,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

To exploit this vulnerability, a victim machine must be running a performance counter collection tool such as Performance Monitor to collect performance counter data from an attacker machine. An attacker with local admin authority on the attacker machine could run malicious code remotely in the victim machine's performance counter data collector process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38025
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38025 QingHe Xie


FangMing Gu


CVE-2024-38034 - Windows Filtering Platform Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38034
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Filtering Platform Elevation of Privilege Vulnerability
Weakness: CWE-190 : Integer Overflow or Wraparound
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38034
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38034 go2bed


CVE-2024-38041 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38041
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Kernel Information Disclosure Vulnerability
Weakness: CWE-200 : Exposure of Sensitive Information to an Unauthorized Actor
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:4,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is one byte of kernel memory could be leaked back to the attacker.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38041
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38041 Le Tran Hai Tung with Viettel Cyber Security


CVE-2024-38043 - PowerShell Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38043
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: PowerShell Elevation of Privilege Vulnerability
Weakness: CWE-20 : Improper Input Validation
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could elevate their user privileges from those of a restrained user to an unrestrained WDAC user.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38043
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38043 Jimmy Bayne


CVE-2024-38517 - Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38517
MITRE
NVD

Issuing CNA: GitHub

CVE Title: Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability
Weakness: CWE-191 : Integer Underflow (Wrap or Wraparound)
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Why is this GitHub CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in RapidJSON library which is consumed by Microsoft Active Directory Rights Management Services Client. The CVE for this open source component, which is used in a Microsoft product, is assigned by GitHub CNA.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Moderate Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38517
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Moderate Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Moderate Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2016 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Moderate Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Moderate Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Moderate Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38517 Anonymous


CVE-2024-38051 - Windows Graphics Component Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38051
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Graphics Component Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38051
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38051 Anonymous


CVE-2024-38054 - Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38054
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38054
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38054 Angelboy (@scwuaptx) with DEVCORE


CVE-2024-38055 - Microsoft Windows Codecs Library Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38055
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Windows Codecs Library Information Disclosure Vulnerability
Weakness: CWE-20 : Improper Input Validation
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:4,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of certain kernel memory content.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38055
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Information Disclosure 5039289
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Information Disclosure 5039289
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38055 Angelboy (@scwuaptx) with DEVCORE


CVE-2024-38056 - Microsoft Windows Codecs Library Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38056
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Windows Codecs Library Information Disclosure Vulnerability
Weakness: CWE-125 : Out-of-bounds Read
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:4,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38056
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 5,5
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38056 Angelboy (@scwuaptx) with DEVCORE


CVE-2024-38059 - Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38059
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Win32k Elevation of Privilege Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38059
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38059 Zhang WangJunJie, He YiSheng with Hillstone Network Security Research Institute


CVE-2024-38060 - Windows Imaging Component Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38060
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Imaging Component Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An authenticated attacker could exploit the vulnerability by uploading a malicious TIFF file to a server.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38060
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Critical Remote Code Execution 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Critical Remote Code Execution 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Critical Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Critical Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Critical Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Critical Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Critical Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Critical Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Critical Remote Code Execution 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Critical Remote Code Execution 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Critical Remote Code Execution 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Critical Remote Code Execution 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Critical Remote Code Execution
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Critical Remote Code Execution
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Critical Remote Code Execution 5039289
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Critical Remote Code Execution 5039289
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Critical Remote Code Execution 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Critical Remote Code Execution 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Critical Remote Code Execution 5039236 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38060 George Holmes with Microsoft


CVE-2024-38061 - DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38061
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability
Weakness: CWE-284 : Improper Access Control
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain domain administrator privileges.


Mitigations:

The following mitigating factors might be helpful in your situation:

Setting LegacyAuthenticationLevel - Win32 apps | Microsoft Docs to 5= RPC_C_AUTHN_LEVEL_PKT_INTEGRITY might protect most processes on the machine against this attack. Note that COM does not currently have a notion of minimum authentication level if authenticated, for example it is not possible to accept calls at RPC_C_AUTHN_LEVEL_NONE or >= RPC_C_AUTHN_LEVEL_PKT_INTEGRITY (server-side concern, but mentioning for completeness as it limits configuration-based options), nor is there a way to set the client-side authentication level for a process independent of the server-side authentication level. See LegacyAuthenticationLevel for more information about this value.

For information on how to set the applicable system-wide registry value see the Setting System-Wide Default Authentication Level section of Setting System-Wide Security Using DCOMCNFG.


Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


1.1    18/07/2024    

Added acknowledgements. This is an informational change only.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38061
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38061 Andrea Pierini with Semperis


Tianze Ding (@D1iv3)


CVE-2024-38062 - Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38062
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Weakness: CWE-125 : Out-of-bounds Read
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38062
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38062 Philippe Laulheret with Cisco Talos


Philippe Laulheret of Cisco Talos


CVE-2024-38064 - Windows TCP/IP Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38064
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows TCP/IP Information Disclosure Vulnerability
Weakness: CWE-908 : Use of Uninitialized Resource
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38064
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Information Disclosure 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Information Disclosure 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38064 Wei in Kunlun Lab with Cyber KunLun


CVE-2024-38071 - Windows Remote Desktop Licensing Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38071
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Desktop Licensing Service Denial of Service Vulnerability
Weakness: CWE-126 : Buffer Over-read
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, successful exploitation of this vulnerability could lead to total loss of availability (A:H)? What does that mean for this vulnerability?

An attacker could impact availability of the service resulting in Denial of Service (DoS).


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38071
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38071 Lewis Lee, Chunyang Han and Zhiniang Peng


CVE-2024-38072 - Windows Remote Desktop Licensing Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38072
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Desktop Licensing Service Denial of Service Vulnerability
Weakness: CWE-476 : NULL Pointer Dereference
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, successful exploitation of this vulnerability could lead to total loss of availability (A:H)? What does that mean for this vulnerability?

An attacker could impact availability of the service resulting in Denial of Service (DoS).


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38072
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38072 Lewis Lee, Chunyang Han and Zhiniang Peng


CVE-2024-38077 - Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38077
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:8,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How would an attacker exploit this vulnerability?

An unauthenticated attacker could connect to the Remote Desktop Licensing Service and send a malicious message which could allow remote code execution.


Mitigations:

The following mitigation may be helpful in your situation.

In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Licensing Service disabled:

1. Disable Remote Desktop Licensing Service if is not required.

If you no longer need this service on your system, consider disabling it as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.


Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38077
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Critical Remote Code Execution 5039245
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Critical Remote Code Execution 5039245
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Critical Remote Code Execution 5039245
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Critical Remote Code Execution 5039245
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Critical Remote Code Execution 5039289
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Critical Remote Code Execution 5039289
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Critical Remote Code Execution 5039227
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Critical Remote Code Execution 5039227
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Critical Remote Code Execution 5039236 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38077 Lewis Lee, Chunyang Han and Zhiniang Peng


CVE-2024-38080 - Windows Hyper-V Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38080
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Hyper-V Elevation of Privilege Vulnerability
Weakness: CWE-190 : Integer Overflow or Wraparound
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38080
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38080 Anonymous


CVE-2024-38085 - Windows Graphics Component Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38085
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Graphics Component Elevation of Privilege Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38085
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38085 Anonymous


CVE-2024-38086 - Azure Kinect SDK Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38086
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Azure Kinect SDK Remote Code Execution Vulnerability
Weakness: CWE-197 : Numeric Truncation Error
CVSS:

CVSS:3.1 Highest BaseScore:6,4/TemporalScore:5,6
Base score metrics
Attack VectorPhysical
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability?

An attacker needs physical access to the target computer to plug in a malicious USB drive.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38086
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Kinect SDK Release Notes (Security Update) Important Remote Code Execution None Base: 6,4
Temporal: 5,6
Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
1.4.2 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38086 VictorV(Tang tianwen) with Kunlun Lab


CVE-2024-38091 - Microsoft WS-Discovery Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38091
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft WS-Discovery Denial of Service Vulnerability
Weakness: CWE-166 : Improper Handling of Missing Special Element
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38091
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38091 Azure Yang with Kunlun Lab


CVE-2024-38100 - Windows File Explorer Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38100
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows File Explorer Elevation of Privilege Vulnerability
Weakness: CWE-284 : Improper Access Control
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38100
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38100 Andrea Pierini with Semperis


CVE-2024-38102 - Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38102
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
Weakness: CWE-125 : Out-of-bounds Read
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:5,7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38102
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38102 Wei in Kunlun Lab with Cyber KunLun


CVE-2024-38104 - Windows Fax Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38104
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Fax Service Remote Code Execution Vulnerability
Weakness: CWE-822 : Untrusted Pointer Dereference
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

The following mitigating factor might be helpful in your situation:

To be exploitable by this vulnerability the Windows Fax Service has to be installed and configured. If Windows Fax Service is enabled, consider disabling it until you have installed this update that addresses this vulnerability.


How could an attacker exploit this vulnerability?

An authenticated attacker with normal user privileges that has already compromised a fax server, to which the victim is connected, can exploit this vulnerability to execute arbitrary code on the victim machine.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38104
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38104 lm0963 with TianGongLab of Legendsec at QI-ANXIN Group


CVE-2024-38112 - Windows MSHTML Platform Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38112
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows MSHTML Platform Spoofing Vulnerability
Weakness: CWE-451 : User Interface (UI) Misrepresentation of Critical Information
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker would have to send the victim a malicious file that the victim would have to execute.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


1.1    12/07/2024    

Updated CWE value. This is an informational change only.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38112
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing
5039212
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Spoofing
5039212
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
5040426 (IE Cumulative)
Important Spoofing 5039245

5034120
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.0.6003.22769

1.001
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
5040426 (IE Cumulative)
Important Spoofing 5039245

5034120
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.0.6003.22769

1.001
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
5040426 (IE Cumulative)
Important Spoofing 5039245

5034120
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.0.6003.22769

1.001
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
5040426 (IE Cumulative)
Important Spoofing 5039245

5034120
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.0.6003.22769

1.001
Yes 5040499
5040490
Windows Server 2012 R2 5040426 (IE Cumulative)
5040456 (Monthly Rollup)
Important Spoofing 5034120
5039294
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
1.001
6.3.9600.22074
Yes None
Windows Server 2012 R2 (Server Core installation) 5040426 (IE Cumulative)
5040456 (Monthly Rollup)
Important Spoofing 5034120
5039294
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
1.001
6.3.9600.22074
Yes None
Windows Server 2016 5040434 (Security Update) Important Spoofing 5039214 Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Spoofing 5039214 Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Spoofing 5039227
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Spoofing 5039227
Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Spoofing 5039236 Base: 7,5
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38112 Haifei Li with Check Point Research


CVE-2024-38182 - Microsoft Dynamics 365 Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38182
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Dynamics 365 Elevation of Privilege Vulnerability
Weakness: CWE-1390 : Weak Authentication
CVSS:

CVSS:3.1 Highest BaseScore:9/TemporalScore:7,8
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.


FAQ:

Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?

This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. This purpose of this CVE is to provide further transparency.

Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    31/07/2024    

Information published.


Critical Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38182
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Dynamics 365 Field Service (on-premises) v7 series Critical Elevation of Privilege None Base: 9
Temporal: 7,8
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38182 Cameron Vincent with Microsoft


CVE-2024-26184 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26184
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-190 : Integer Overflow or Wraparound
CVSS:

CVSS:3.1 Highest BaseScore:6,8/TemporalScore:5,9
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


How could an attacker successfully exploit this vulnerability?

To exploit the vulnerability, an attacker who has physical access or Administrative rights to a target device could install a malicious .bcd file.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26184
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26184 Azure Yang with Kunlun Lab


CVE-2024-30013 - Windows MultiPoint Services Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30013
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows MultiPoint Services Remote Code Execution Vulnerability
Weakness: CWE-415 : Double Free
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An unauthenticated attacker can exploit this vulnerability by sending a malicious request packet via a client machine to a Windows Server configured to be a Multipoint Service over a network, and then waiting for the server to stop or restart.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of the vulnerability requires an admin user to stop or restart the service.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30013
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30013 k0shl with Kunlun Lab


CVE-2024-32987 - Microsoft SharePoint Server Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32987
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SharePoint Server Information Disclosure Vulnerability
Weakness: CWE-918 : Server-Side Request Forgery (SSRF)
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, cryptographic nonces, and other sensitive information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


1.1    16/07/2024    

Added acknowledgements. This is an informational change only.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32987
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002618 (Security Update) Important Information Disclosure 5002604
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.5456.1000
Maybe 5002618
Microsoft SharePoint Server 2019 5002615 (Security Update) Important Information Disclosure 5002602
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.10412.20001
Maybe 5002615
Microsoft SharePoint Server Subscription Edition 5002606 (Security Update) Important Information Disclosure 5002603 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.17328.20424 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32987 khoadha with vcslab from Viettel Cyber Security


CVE-2024-30071 - Windows Remote Access Connection Manager Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30071
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Access Connection Manager Information Disclosure Vulnerability
Weakness: CWE-126 : Buffer Over-read
CVSS:

CVSS:3.1 Highest BaseScore:4,7/TemporalScore:4,1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30071
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 4,7
Temporal: 4,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30071 George Hughey with MSRC Vulnerabilities & Mitigations


CVE-2024-30079 - Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30079
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Weakness: CWE-126 : Buffer Over-read
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30079
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30079 George Hughey with MSRC Vulnerabilities & Mitigations


CVE-2024-3596 - CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-3596
MITRE
NVD

Issuing CNA: CERT/CC

CVE Title: CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
Weakness: CWE-327 : Use of a Broken or Risky Cryptographic Algorithm
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

Why is this CERT/CC CVE included in the Security Update Guide?

A vulnerability exists in the RADIUS protocol that potentially affects many products and implementations of the RFC 2865 in the UDP version of the RADIUS protocol. In brief, RADIUS protocol (RFC 2865) is susceptible to forgery attacks that can modify Access-Accept or Access-Reject RADIUS response. CERT/CC assigned a CVE ID for this vulnerability which all vendors are using for their affected products.

Please see KB5040268: How to manage the Access-Request packets attack vulnerability associated with CVE-2024-3596 for information on additional steps that should be done to protect your environment from this vulnerability.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-3596
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Spoofing
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Spoofing 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Spoofing 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Spoofing 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Spoofing 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Spoofing 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Spoofing 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Spoofing 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Spoofing 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Spoofing 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-3596 [info needed]


CVE-2024-30105 - .NET Core and Visual Studio Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30105
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: .NET Core and Visual Studio Denial of Service Vulnerability
Weakness: CWE-400 : Uncontrolled Resource Consumption
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


2.0    25/07/2024    

Revised the Security Updates table to include PowerShell 7.4 because this version of PowerShell 7 is affected by this vulnerability. See https://github.com/PowerShell/Announcements/issues/65 for more information.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30105
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 8.0 5041081 (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
8.0.7 Maybe None
Microsoft Visual Studio 2022 version 17.10 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
17.10.4 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
17.4.21 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
17.6.17 Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
17.8.12 Maybe None
PowerShell 7.4 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
7.4.4 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30105



CVE-2024-35261 - Azure Network Watcher VM Extension Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35261
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
Weakness: CWE-59 : Improper Link Resolution Before File Access ('Link Following')
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Is there any action I need to take to be protected from this vulnerability?

If you have enabled automatic updates, you will automatically receive the update as soon as it is available. If you have not enabled automatic updates, you will need to update the product manually.

Please see Update Network Watcher extension to the latest version - Azure Virtual Machines | Microsoft Learn for more information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35261
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Network Watcher VM Extension for Windows Release Notes (Security Update) Important Elevation of Privilege None Base: 7,8
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
1.4.3320.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35261 R4nger & Zhiniang Peng


CVE-2024-35266 - Azure DevOps Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35266
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Azure DevOps Server Spoofing Vulnerability
Weakness: CWE-79 : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS:

CVSS:3.1 Highest BaseScore:7,6/TemporalScore:6,6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required  is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must send the user a malicious file and convince the user to open it.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to a high loss of confidentiality (C:H), and integrity (I:H) and some loss of availability (A:L). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could view sensitive information, a token in this scenario (Confidentiality) and make changes to disclosed information (Integrity), and they might be able to force a crash within the server (Availability).


What actions do customers need to take to protect themselves from this vulnerability?

Customers using Azure DevOps 2022.1 must update to Azure DevOps Server 2022.2 released on 09 July, 2024 to be protected. For more information on this recent Azure DevOps release, see here: Azure DevOps Server 2022 Update 2 Release Notes.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35266
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure DevOps Server 2022.1 Release Notes (Security Update) Important Spoofing None Base: 7,6
Temporal: 6,6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
20240702.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35266 Felix Boulet


CVE-2024-35267 - Azure DevOps Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35267
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Azure DevOps Server Spoofing Vulnerability
Weakness: CWE-79 : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS:

CVSS:3.1 Highest BaseScore:7,6/TemporalScore:6,6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to a high loss of confidentiality (C:H), and integrity (I:H) and some loss of availability (A:L). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could view sensitive information, a token in this scenario (Confidentiality) and make changes to disclosed information (Integrity), and they might be able to force a crash within the server (Availability).


What actions do customers need to take to protect themselves from this vulnerability?

Customers using Azure DevOps 2022.1 must update to Azure DevOps Server 2022.2 released on 09 July, 2024 to be protected. For more information on this recent Azure DevOps release, see here: Azure DevOps Server 2022 Update 2 Release Notes.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35267
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure DevOps Server 2022.1 Release Notes (Security Update) Important Spoofing None Base: 7,6
Temporal: 6,6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
20240702.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35267 Felix Boulet


CVE-2024-35271 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35271
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35271
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35271 Anonymous


CVE-2024-35272 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35272
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35272
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35272 Anonymous


CVE-2024-20701 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20701
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20701
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20701 Anonymous


CVE-2024-21303 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21303
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21303
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21303 Anonymous


CVE-2024-21308 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21308
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21308
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21308 Anonymous


CVE-2024-21317 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21317
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21317
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21317 Anonymous


CVE-2024-21331 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21331
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21331
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21331 Anonymous


CVE-2024-21425 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21425
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21425
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21425 Anonymous


CVE-2024-37319 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37319
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37319
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37319 Anonymous


CVE-2024-37320 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37320
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37320
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37320 Anonymous


CVE-2024-37321 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37321
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37321
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37321 Anonymous


CVE-2024-37322 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37322
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37322
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37322 Anonymous


CVE-2024-37323 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37323
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-190 : Integer Overflow or Wraparound
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37323
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37323 Anonymous


CVE-2024-37324 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37324
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37324
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37324 Anonymous


CVE-2024-21449 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21449
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21449
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21449 Anonymous


CVE-2024-37326 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37326
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37326
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37326 Anonymous


CVE-2024-37327 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37327
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37327
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37327 Anonymous


CVE-2024-37328 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37328
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37328
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37328 Anonymous


CVE-2024-37329 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37329
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37329
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37329 Anonymous


CVE-2024-37330 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37330
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37330
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37330 Anonymous


CVE-2024-37334 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37334
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37334
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft OLE DB Driver 18 for SQL Server 5040711 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
18.7.0004.0 Maybe None
Microsoft OLE DB Driver 19 for SQL Server 5040712 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
19.3.0005.0 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37334 Anonymous


CVE-2024-37333 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37333
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37333
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37333 Yuki Chen


CVE-2024-37336 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37336
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-190 : Integer Overflow or Wraparound
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37336
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37336 Yuki Chen


CVE-2024-28928 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28928
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-121 : Stack-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28928
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28928 Anonymous


CVE-2024-35256 - SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35256
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number Title Apply if current product version is… This security update also includes servicing releases up through…
5040939 Security update for SQL Server 2022 CU13+GDR 16.0.4003.1 - 16.0.4125.3 KB 5036432 - SQL2022 RTM CU13
5040936 Security update for SQL Server 2022 RTM+GDR 16.0.1000.6 - 16.0.1115.1 KB 5035432 - Previous SQL2022 RTM GDR
5040948 Security update for SQL Server 2019 CU27+GDR 15.0.4003.23 - 15.0.4375.4 KB 5037331 - SQL2019 RTM CU27
5040986 Security update for SQL Server 2019 RTM+GDR 15.0.2000.5 - 15.0.2110.4 KB 5035434 - Previous SQL2019 RTM GDR
5040940 Security update for SQL Server 2017 CU31+GDR 14.0.3006.16 - 14.0.3465.1 KB 5029376 - SQL2017 RTM CU31
5040942 Security update for SQL Server 2017 RTM+GDR 14.0.1000.169 - 14.0.2052.1 KB 5029375 - Previous SQL2017 RTM GDR
5040944 Security update for SQL 2016 Azure Connect Feature Pack 13.0.7000.253 - 13.0.7029.3 KB 5029187 - SQL2016 Azure Connect Feature Pack
5040946 Security update for SQL Server 2016RTM+GDR 13.0.6300.2 - 13.0.6435.1 KB 5029186 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then chose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manuall


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35256
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5040946 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6441.1 Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5040944 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7037.1 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5040940 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3471.2 Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5040942 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2056.2 Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 27) 5040948 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4382.1 Yes None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5040986 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2116.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (CU 13) 5040939 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4131.2 Yes None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5040936 (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1121.4 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35256 Anonymous


CVE-2024-37971 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37971
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-121 : Stack-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37971
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37971 Azure Yang with Kunlun Lab


CVE-2024-37972 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37972
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-121 : Stack-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37972
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37972 Azure Yang with Kunlun Lab


CVE-2024-37973 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37973
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-674 : Uncontrolled Recursion
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


1.1    31/07/2024    

Updated one or more CVSS scores for the affected products. This is an informational change only.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37973
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37973 Azure Yang with Kunlun Lab


CVE-2024-37975 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37975
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-191 : Integer Underflow (Wrap or Wraparound)
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37975
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37975 Azure Yang with Kunlun Lab


CVE-2024-37977 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37977
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37977
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37977 Azure Yang with Kunlun Lab


CVE-2024-37978 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37978
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-121 : Stack-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37978
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37978 Azure Yang with Kunlun Lab


CVE-2024-37984 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37984
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-121 : Stack-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:8,4/TemporalScore:7,3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37984
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8,4
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37984 Maxim Suhanov (MTS RED, dfir.ru)


CVE-2024-37988 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37988
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-130 : Improper Handling of Length Parameter Inconsistency
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37988
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37988 Azure Yang with Kunlun Lab


CVE-2024-37989 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37989
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-130 : Improper Handling of Length Parameter Inconsistency
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37989
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37989 Azure Yang with Kunlun Lab


CVE-2024-38010 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38010
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-130 : Improper Handling of Length Parameter Inconsistency
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38010
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38010 Azure Yang with Kunlun Lab


CVE-2024-38011 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38011
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-130 : Improper Handling of Length Parameter Inconsistency
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38011
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 8
Temporal: 7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38011 Azure Yang with Kunlun Lab


CVE-2024-38017 - Microsoft Message Queuing Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38017
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Message Queuing Information Disclosure Vulnerability
Weakness: CWE-200 : Exposure of Sensitive Information to an Unauthorized Actor
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38017
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Information Disclosure 5039225 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure 5039211
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Information Disclosure
5039211
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Information Disclosure 5039213
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure 5039212
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Information Disclosure
5039212
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Information Disclosure 5039245
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Information Disclosure 5039289
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Information Disclosure 5039289
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Information Disclosure 5039260 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Information Disclosure 5039294 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Information Disclosure 5039214 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Information Disclosure 5039217
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Information Disclosure 5039227
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Information Disclosure 5039227
Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Information Disclosure 5039236 Base: 5,5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38017 cdpython with AlpineLab


9oat with AlpineLab


g3un with AlpineLab


cdpython, 9oat and g3un with AlpineLab


CVE-2024-38019 - Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38019
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
Weakness: CWE-190 : Integer Overflow or Wraparound
CVSS:

CVSS:3.1 Highest BaseScore:7,2/TemporalScore:6,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?

To successfully exploit this vulnerability, an attacker or the targeted user would need to achieve a high level of control over a machine, as the attack requires access to processes typically restricted from average users.

Essentially, the exploitation necessitates elevated privileges on the compromised machine due to the requirement of manipulating processes beyond the reach of standard user permissions.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38019
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38019 Fangming Gu


Qinghe Xie


Anonymous


CVE-2024-38020 - Microsoft Outlook Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38020
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Outlook Spoofing Vulnerability
Weakness: CWE-200 : Exposure of Sensitive Information to an Unauthorized Actor
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:5,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of the vulnerability requires that a user open a specially crafted file.

  • In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.
  • In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.

An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.


What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of NTLM hashes.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Moderate Spoofing

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38020
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Moderate Spoofing None Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Moderate Spoofing None Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2016 (32-bit edition) 5002620 (Security Update) Moderate Spoofing 5002591 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.5456.1000 Maybe None
Microsoft Office 2016 (64-bit edition) 5002620 (Security Update) Moderate Spoofing 5002591 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.5456.1000 Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Moderate Spoofing None Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Moderate Spoofing None Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Moderate Spoofing None Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Moderate Spoofing None Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Outlook 2016 (32-bit edition) 5002621 (Security Update) Moderate Spoofing 5002600 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.5456.1000 Maybe None
Microsoft Outlook 2016 (64-bit edition) 5002621 (Security Update) Moderate Spoofing 5002600 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.5456.1000 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38020 JimSRush with PrivSec Consulting


CVE-2024-38021 - Microsoft Outlook Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38021
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Outlook Remote Code Execution Vulnerability
Weakness: CWE-20 : Improper Input Validation
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.


According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution?

This attack requires a user to allow blocked content sent from an external attacker to initiate remote code execution.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


How could the attacker exploit this vulnerability?

An attacker could craft a malicious link that bypasses the Protected View Protocol, which could lead remote code execution (RCE).


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


1.1    10/07/2024    

Corrected CVE title. This is an informational change only.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38021
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2016 (32-bit edition) 5002620 (Security Update) Important Remote Code Execution 5002591 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5456.1000 Maybe None
Microsoft Office 2016 (64-bit edition) 5002620 (Security Update) Important Remote Code Execution 5002591 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5456.1000 Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38021 Arnold Osipov with Morphisec


Shmuel Uzan with Morphisec


Michael Gorelik with Morphisec


CVE-2024-38027 - Windows Line Printer Daemon Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38027
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Line Printer Daemon Service Denial of Service Vulnerability
Weakness: CWE-400 : Uncontrolled Resource Consumption
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:5,7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An unauthenticated attacker with LAN access could exploit this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38027
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38027 Anonymous


CVE-2024-38028 - Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38028
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
Weakness: CWE-125 : Out-of-bounds Read
CVSS:

CVSS:3.1 Highest BaseScore:7,2/TemporalScore:6,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

To exploit this vulnerability, a victim machine must be running a performance counter collection tool such as Performance Monitor to collect performance counter data from an attacker machine. An attacker with local admin authority on the attacker machine could run malicious code remotely in the victim machine's performance counter data collector process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38028
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38028 QingHe Xie and FangMing Gu


CVE-2024-38030 - Windows Themes Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38030
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Themes Spoofing Vulnerability
Weakness: CWE-200 : Exposure of Sensitive Information to an Unauthorized Actor
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:5,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker would have to convince the user to load a malicious file onto a vulnerable system, typically by way of an enticement in an Email or Instant Messenger message, and then convince the user to manipulate the specially crafted file, but not necessarily click or open the malicious file.


Mitigations:

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigations might apply in your situation:

  • Systems that have disabled NTLM are not affected.

  • Apply the existing group policy to block NTLM hash. With this policy enabled, this issue for a remote SMB location client or server can be mitigated. To enable the policy: Select Computer Configuration > Windows Settings > ** Security Settings** > Local Policies > Security Options. On the right pane, double-click the Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers policy per the options listed below in the Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers documentation.

References:


Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38030
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Spoofing 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Spoofing 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Spoofing 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Spoofing 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Spoofing
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Spoofing 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Spoofing 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Spoofing
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Spoofing
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Spoofing 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Spoofing 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Spoofing 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Spoofing 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Spoofing 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Spoofing 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Spoofing 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Spoofing 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38030 Tomer Peled with Akamai


CVE-2024-38031 - Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38031
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
Weakness: CWE-400 : Uncontrolled Resource Consumption
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38031
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38031 k0shl with Kunlun Lab


CVE-2024-38032 - Microsoft Xbox Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38032
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Xbox Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:7,1/TemporalScore:6,2
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to obtain special or uncommon hardware.


How could an attacker exploit the vulnerability?

An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38032
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,1
Temporal: 6,2
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38032 Wei in Kunlun Lab with Cyber KunLun


CVE-2024-38033 - PowerShell Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38033
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: PowerShell Elevation of Privilege Vulnerability
Weakness: CWE-20 : Improper Input Validation
CVSS:

CVSS:3.1 Highest BaseScore:7,3/TemporalScore:6,4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required  is low (PR:L). What does that mean for this vulnerability?

An authorized attacker with standard user privileges could place a malicious file and then wait for the privileged victim to run the calling command.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38033
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38033 Tom Norfolk with AJ Bell




Jimmy Bayne


CVE-2024-38044 - DHCP Server Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38044
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: DHCP Server Service Remote Code Execution Vulnerability
Weakness: CWE-197 : Numeric Truncation Error
CVSS:

CVSS:3.1 Highest BaseScore:7,2/TemporalScore:6,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated DHCP Server privileges. As is best practice, regular validation and audits of administrative groups should be conducted.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38044
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38044 wkai with Codesafe Team of Legendsec at QI-ANXIN Group


CVE-2024-38047 - PowerShell Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38047
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: PowerShell Elevation of Privilege Vulnerability
Weakness: CWE-20 : Improper Input Validation
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could elevate their user privileges from those of a restrained user to an unrestrained WDAC user.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38047
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38047 Jimmy Bayne


CVE-2024-38048 - Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38048
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability
Weakness: CWE-125 : Out-of-bounds Read
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:5,7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38048
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38048 Wei in Kunlun Lab with Cyber KunLun


CVE-2024-38049 - Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38049
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
Weakness: CWE-73 : External Control of File Name or Path
CVSS:

CVSS:3.1 Highest BaseScore:6,6/TemporalScore:5,8
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38049
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Remote Code Execution 5039245
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Remote Code Execution 5039289
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 6,6
Temporal: 5,8
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38049 wkai with Codesafe Team of Legendsec at QI-ANXIN Group


CVE-2024-38050 - Windows Workstation Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38050
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Workstation Service Elevation of Privilege Vulnerability
Weakness: CWE-191 : Integer Underflow (Wrap or Wraparound)
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

If successfully exploited, this vulnerability could case attacker-controlled data on the heap to overwrite critical structures of the service, leading to arbitrary memory write or control flow hijacking, resulting in privilege escalation


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38050
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38050 A1gxer


afang5472


CVE-2024-38052 - Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38052
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Weakness: CWE-20 : Improper Input Validation
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38052
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38052 Angelboy (@scwuaptx) with DEVCORE


CVE-2024-38053 - Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38053
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


How could an attacker exploit the vulnerability?

An unauthenticated attacker could send a malicious networking packet over the ethernet to an adjacent system that is employing a networking adapter, which could enable remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38053
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Remote Code Execution 5039225 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution 5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Remote Code Execution
5039211
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Remote Code Execution 5039260 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Remote Code Execution 5039294 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Remote Code Execution 5039214 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Remote Code Execution 5039217
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Remote Code Execution 5039227
Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Remote Code Execution 5039236 Base: 8,8
Temporal: 7,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38053 Wei in Kunlun Lab with Cyber KunLun


CVE-2024-38057 - Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38057
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Weakness: CWE-125 : Out-of-bounds Read
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38057
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38057 Angelboy (@scwuaptx) with DEVCORE


CVE-2024-38058 - BitLocker Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38058
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: BitLocker Security Feature Bypass Vulnerability
Weakness: CWE-693 : Protection Mechanism Failure
CVSS:

CVSS:3.1 Highest BaseScore:6,8/TemporalScore:5,9
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38058
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38058 Bill Demirkapi of Microsoft


CVE-2024-38065 - Secure Boot Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38065
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Secure Boot Security Feature Bypass Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:6,8/TemporalScore:5,9
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Secure Boot.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38065
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 6,8
Temporal: 5,9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38065 Zammis Clark


CVE-2024-38066 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38066
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Win32k Elevation of Privilege Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38066
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38066 Marcin Wiazowski working with Trend Micro Zero Day Initiative


CVE-2024-38067 - Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38067
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
Weakness: CWE-400 : Uncontrolled Resource Consumption
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38067
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38067 k0shl with Kunlun Lab


CVE-2024-38068 - Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38068
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
Weakness: CWE-400 : Uncontrolled Resource Consumption
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38068
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38068 k0shl with Kunlun Lab


CVE-2024-38069 - Windows Enroll Engine Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38069
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Enroll Engine Security Feature Bypass Vulnerability
Weakness: CWE-347 : Improper Verification of Cryptographic Signature
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:6,1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass certificate validation during the account enrollment process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38069
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38069 Izzy Whistlecroft of Microsoft's Security Response Center


CVE-2024-38070 - Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38070
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability
Weakness: CWE-693 : Protection Mechanism Failure
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass the execution policy for the Windows LockDown Policy (WLDP) for the WDAC API.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38070
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Security Feature Bypass 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Security Feature Bypass
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Security Feature Bypass 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Security Feature Bypass
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Security Feature Bypass 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Security Feature Bypass 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Security Feature Bypass 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Security Feature Bypass 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Security Feature Bypass 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Security Feature Bypass 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38070 Rajiv Chikine with Microsoft


CVE-2024-38073 - Windows Remote Desktop Licensing Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38073
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Desktop Licensing Service Denial of Service Vulnerability
Weakness: CWE-125 : Out-of-bounds Read
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, successful exploitation of this vulnerability could lead to total loss of availability (A:H)? What does that mean for this vulnerability?

An attacker could impact availability of the service resulting in Denial of Service (DoS).


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38073
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38073 Lewis Lee, Chunyang Han and Zhiniang Peng


CVE-2024-38074 - Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38074
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
Weakness: CWE-191 : Integer Underflow (Wrap or Wraparound)
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:8,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could send a specially crafted packet to a server set up as a Remote Desktop Licensing server, which will cause remote code execution.


Mitigations:

The following mitigation may be helpful in your situation.

In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Licensing Service disabled:

1. Disable Remote Desktop Licensing Service if is not required.

If you no longer need this service on your system, consider disabling it as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.


Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38074
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Critical Remote Code Execution 5039289
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Critical Remote Code Execution 5039289
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Critical Remote Code Execution 5039260 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Critical Remote Code Execution 5039294 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Critical Remote Code Execution 5039227
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Critical Remote Code Execution 5039227
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Critical Remote Code Execution 5039236 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38074 Lewis Lee, Chunyang Han and Zhiniang Peng


CVE-2024-38076 - Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38076
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:8,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could send a specially crafted packet to a server set up as a Remote Desktop Licensing server, which will cause remote code execution.


Mitigations:

The following mitigation may be helpful in your situation.

In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Licensing Service disabled:

1. Disable Remote Desktop Licensing Service if is not required.

If you no longer need this service on your system, consider disabling it as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.


Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38076
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2016 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Critical Remote Code Execution 5039214 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Critical Remote Code Execution 5039217
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Critical Remote Code Execution 5039227
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Critical Remote Code Execution 5039227
Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Critical Remote Code Execution 5039236 Base: 9,8
Temporal: 8,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38076 Lewis Lee, Chunyang Han and Zhiniang Peng


CVE-2024-38078 - Xbox Wireless Adapter Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38078
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Xbox Wireless Adapter Remote Code Execution Vulnerability
Weakness: CWE-416 : Use After Free
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions.


How could an attacker exploit the vulnerability?

An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38078
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Remote Code Execution 5039213
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution 5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Remote Code Execution
5039212
Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38078 Wei in Kunlun Lab with Cyber KunLun


CVE-2024-38079 - Windows Graphics Component Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38079
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Graphics Component Elevation of Privilege Vulnerability
Weakness: CWE-122 : Heap-based Buffer Overflow
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38079
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38079 Anonymous


CVE-2024-38081 - .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38081
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Weakness: CWE-59 : Improper Link Resolution Before File Access ('Link Following')
CVSS:

CVSS:3.1 Highest BaseScore:7,3/TemporalScore:6,4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of this vulnerability requires that a local user executes the Visual Studio installer


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

The attacker must have permissions to access the target domain environment to be able to exploit this vulnerability


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


2.0    25/07/2024    

In the Security Updates table, made the following corrections: 1) Added .NET 6.0 as it is affected by this vulnerability. 2) Removed .NET 8.0 as it is not affected by this vulnerability. 3) Corrected Download and Article links for .NET 3.5 and 4.7.2 installed on Windows 10 Version 1809 for 32-bit Systems.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38081
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 6.0 5041080 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.32 Maybe None
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
2.0.50727.8977 Maybe None
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
2.0.50727.8977 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
2.0.50727.8977 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
2.0.50727.8977 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Elevation of Privilege 5039214 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems 5041017 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.2.4101.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems 5041017 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.2.4101.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems 5041017 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.2.4101.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2016 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2016 (Server Core installation) 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 5041017 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.2.4101.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation) 5041017 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.2.4101.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems 5041017 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems 5041017 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for ARM64-based Systems 5041020 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for x64-based Systems 5041020 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 5041017 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation) 5041017 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 5041016 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) 5041016 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.04 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems 5041018 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems 5041019 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for ARM64-based Systems 5041020 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for x64-based Systems 5041020 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems 5039895 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems 5039895 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems 5039895 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems 5039895 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 5041016 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation) 5041016 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation) 5039895 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.1.9256.03 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2008 for 32-bit Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.5.30729.8972 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2008 for x64-based Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.5.30729.8972 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.5.30729.8971 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.5.30729.8971 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.5.30729.8971 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.5.4101.04 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5041021 (Monthly Rollup)
5041026 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.5.30729.8971 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5041021 (Monthly Rollup)
5041026 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.5.30729.8971 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5041024 (Monthly Rollup)
5041027 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5041026 (Security Only) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.01 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5041026 (Security Only)
5041021 (Monthly Rollup)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.01
4.7.4101.02
Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.02 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.02 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.02 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.7.4101.02 Maybe None
Microsoft .NET Framework 4.6/4.6.2 on Windows 10 for 32-bit Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Microsoft .NET Framework 4.6/4.6.2 on Windows 10 for x64-based Systems 5040448 (Security Update) Important Elevation of Privilege 5039225 Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems 5039885 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.04739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems 5039885 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.04739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5041021 (Monthly Rollup)
5041026 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.02
4.8.4739.03
Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5041021 (Monthly Rollup)
5041026 (Security Only)
Important Elevation of Privilege Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.02
4.8.4739.03
Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) 5041022 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) 5041023 (Monthly Rollup) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.4739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 5039885 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.04739.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) 5039885 (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.04739.02 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.4.21 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.6.17 Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Elevation of Privilege None Base: 7,3
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.8.12 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38081 goodbyeselene


goodbyeselene


CVE-2024-38089 - Microsoft Defender for IoT Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38089
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Defender for IoT Elevation of Privilege Vulnerability
Weakness: CWE-269 : Improper Privilege Management
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:7,9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability would gain the ability to escape the AppContainer and impersonate a non-AppContainer token.


According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.


How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by escaping the sensor-app docker container (which is running the web application) and running commands on the host. This would allow them to enter any other containers and potentially gain control over the system.


Mitigations:

The following mitigating factor might be helpful in your situation:

Consider upgrading to Defender for IoT version 24.1.4 or newer.


Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38089
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Defender for IoT Release Notes (Security Update) Important Elevation of Privilege None Base: 9,1
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
24.1.4 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38089 Siemens Energy


CVE-2024-38092 - Azure CycleCloud Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38092
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Azure CycleCloud Elevation of Privilege Vulnerability
Weakness: CWE-693 : Protection Mechanism Failure
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:7,9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

The attacker who successfully exploited the vulnerability could elevate privileges to the Administrator role in the vulnerable Azure CycleCloud instance.


According to the CVSS metric, privileges required is Low (PR:L). What does that mean for this vulnerability?

To exploit this vulnerability an attacker must have an account with the User role assigned.


What actions do customers need to take to protect themselves from this vulnerability?

Azure CycleCloud versions 7.9.0 - 7.9.11 were retired on 30 September, 2023 as documented here: CycleCloud 7 Retirement Guide. Customers with existing CycleCloud deployments using versions 7.9.0 - 7.9.11 must migrate their resources to CycleCloud version 8.6.2 to be protected by following the instructions here: Upgrading CycleCloud.

Customers with existing CycleCloud deployments using versions 8.0.0 - 8.6.0 should update their resources to CycleCloud version 8.6.2 to be protected by following the instructions here: Upgrading CycleCloud.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38092
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure CycleCloud 7.9.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.10 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.11 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.2 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.3 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.4 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.5 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.6 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.7 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.8 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 7.9.9 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.0.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.0.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.0.2 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.1.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.1.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.2.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.2.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.2.2 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.3.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.4.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.4.1 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.4.2 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.5.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None
Azure CycleCloud 8.6.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 8,8
Temporal: 7,9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
8.6.2 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38092 Christian Bortone with Merck KGaA


CVE-2024-38094 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38094
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
Weakness: CWE-502 : Deserialization of Untrusted Data
CVSS:

CVSS:3.1 Highest BaseScore:7,2/TemporalScore:6,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?

An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38094
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002618 (Security Update) Important Remote Code Execution 5002604
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5456.1000
Maybe 5002618
Microsoft SharePoint Server 2019 5002615 (Security Update) Important Remote Code Execution 5002602
Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10412.20001
Maybe 5002615
Microsoft SharePoint Server Subscription Edition 5002606 (Security Update) Important Remote Code Execution 5002603 Base: 7,2
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.17328.20424 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38094

CVE-2024-38095 - .NET and Visual Studio Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38095
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: .NET and Visual Studio Denial of Service Vulnerability
Weakness: CWE-20 : Improper Input Validation
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


2.0    25/07/2024    

Revised the Security Updates table to include PowerShell 7.4 and 7.2 because these versions of PowerShell 7 are affected by this vulnerability. See https://github.com/PowerShell/Announcements/issues/64 for more information.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38095
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 8.0 5041081 (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
8.0.7 Maybe None
Microsoft Visual Studio 2022 version 17.10 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
17.10.4 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
17.4.21 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
17.6.17 Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
17.8.12 Maybe None
PowerShell 7.2 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
7.2.22 Maybe None
PowerShell 7.4 Release Notes (Security Update) Important Denial of Service None Base: 7,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
7.4.4 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38095

CVE-2024-38099 - Windows Remote Desktop Licensing Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38099
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Desktop Licensing Service Denial of Service Vulnerability
Weakness: CWE-287 : Improper Authentication
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,2
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to possess advanced reverse engineering skills to identify and gain unauthorized access to specific remote procedure call (RPC) endpoints.


Are there additional actions I need to take after I have installed the update?

Yes. If your RD session hosts and RD licensing servers are joined to a work group, you need to ensure that your RD session hosts have the necessary credentials to access your RD licensing servers. For more information see: License Remote Desktop session hosts. No additional action is needed for RD session hosts and RD licensing servers joined to a domain.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38099
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Important Denial of Service 5039245
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Important Denial of Service 5039289
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38099 Philemon Orphee Favrod with Microsoft


Josh Watson with Microsoft


Gus Catalano with Microsoft


Ray Reskusich with Microsoft


CVE-2024-38101 - Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38101
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
Weakness: CWE-125 : Out-of-bounds Read
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:5,7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38101
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38101 Wei in Kunlun Lab with Cyber KunLun


CVE-2024-38105 - Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38105
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
Weakness: CWE-20 : Improper Input Validation
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:5,7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38105
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Important Denial of Service 5039225 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service 5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Important Denial of Service
5039211
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Important Denial of Service 5039213
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service 5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Important Denial of Service
5039212
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2012 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Important Denial of Service 5039260 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Important Denial of Service 5039294 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Important Denial of Service 5039214 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Important Denial of Service 5039217
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Important Denial of Service 5039227
Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Important Denial of Service 5039236 Base: 6,5
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38105 Wei in Kunlun Lab with Cyber KunLun


CVE-2024-39684 - Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-39684
MITRE
NVD

Issuing CNA: Github

CVE Title: Github: CVE-2024-39684 TenCent RapidJSON Elevation of Privilege Vulnerability
Weakness: CWE-190 : Integer Overflow or Wraparound
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:6,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Why is this GitHub CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in RapidJSON library which is consumed by Microsoft Active Directory Rights Management Services Client. The CVE for this open source component, which is used in a Microsoft product, is assigned by GitHub CNA.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09/07/2024    

Information published.


Moderate Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-39684
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5040448 (Security Update) Moderate Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 for x64-based Systems 5040448 (Security Update) Moderate Elevation of Privilege 5039225 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20710 Yes None
Windows 10 Version 1607 for 32-bit Systems 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1607 for x64-based Systems 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows 10 Version 1809 for 32-bit Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for ARM64-based Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 1809 for x64-based Systems 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows 10 Version 21H2 for 32-bit Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for ARM64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 21H2 for x64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege 5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.4651
Yes 5040427
Windows 10 Version 22H2 for 32-bit Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for ARM64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 10 Version 22H2 for x64-based Systems 5040427 (Security Update) Moderate Elevation of Privilege
5039211
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.4651
Yes 5040427
Windows 11 version 21H2 for ARM64-based Systems 5040431 (Security Update) Moderate Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 version 21H2 for x64-based Systems 5040431 (Security Update) Moderate Elevation of Privilege 5039213
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.3079
Yes 5040431
Windows 11 Version 22H2 for ARM64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 22H2 for x64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege 5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.3880
Yes 5040442
Windows 11 Version 23H2 for ARM64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows 11 Version 23H2 for x64-based Systems 5040442 (Security Update) Moderate Elevation of Privilege
5039212
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.22631.3880
Yes 5040442
Windows Server 2008 for 32-bit Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Moderate Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Moderate Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 5040499 (Monthly Rollup)
5040490 (Security Only)
Moderate Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5040499 (Monthly Rollup)
5040490 (Security Only)
Moderate Elevation of Privilege 5039245
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22769
Yes 5040499
5040490
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5040497 (Monthly Rollup)
5040498 (Security Only)
Moderate Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5040497 (Monthly Rollup)
5040498 (Security Only)
Moderate Elevation of Privilege 5039289
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27219 Yes None
Windows Server 2012 5040485 (Monthly Rollup) Moderate Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 (Server Core installation) 5040485 (Monthly Rollup) Moderate Elevation of Privilege 5039260 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24975 Yes None
Windows Server 2012 R2 5040456 (Monthly Rollup) Moderate Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2012 R2 (Server Core installation) 5040456 (Monthly Rollup) Moderate Elevation of Privilege 5039294 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22074 Yes None
Windows Server 2016 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2016 (Server Core installation) 5040434 (Security Update) Moderate Elevation of Privilege 5039214 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.7159 Yes None
Windows Server 2019 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2019 (Server Core installation) 5040430 (Security Update) Moderate Elevation of Privilege 5039217
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.6054
Yes 5040430
Windows Server 2022 5040437 (Security Update) Moderate Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022 (Server Core installation) 5040437 (Security Update) Moderate Elevation of Privilege 5039227
Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2582
Yes 5040437
Windows Server 2022, 23H2 Edition (Server Core installation) 5040438 (Security Update) Moderate Elevation of Privilege 5039236 Base: 7,8
Temporal: 6,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1009 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-39684 Anonymous


CVE-2024-38176 - GroupMe Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38176
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: GroupMe Elevation of Privilege Vulnerability
Weakness: CWE-307 : Improper Restriction of Excessive Authentication Attempts
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:7,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.


FAQ:

Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?

This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. This purpose of this CVE is to provide further transparency.

Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Critical Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38176
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
GroupMe Critical Elevation of Privilege None Base: 8,1
Temporal: 7,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38176 Guy Arazi with Microsoft


CVE-2024-38164 - GroupMe Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38164
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: GroupMe Elevation of Privilege Vulnerability
Weakness: CWE-284 : Improper Access Control
CVSS:

CVSS:3.1 Highest BaseScore:9,6/TemporalScore:8,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.


FAQ:

Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?

This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. This purpose of this CVE is to provide further transparency.

Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Critical Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38164
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
GroupMe Critical Elevation of Privilege None Base: 9,6
Temporal: 8,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38164 Jonah Hook


CVE-2024-39379 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-39379
MITRE
NVD

Issuing CNA: Adobe Systems Incorporated

CVE Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:6,1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

Why is this Adobe CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Adobe Software which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Moderate Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-39379
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Moderate Remote Code Execution None Base: 7
Temporal: 6,1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-39379 0x140ce


CVE-2024-6988 - Chromium: CVE-2024-6988 Use after free in Downloads

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6988
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6988 Use after free in Downloads
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6988
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6988 None

CVE-2024-6989 - Chromium: CVE-2024-6989 Use after free in Loader

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6989
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6989 Use after free in Loader
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6989
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6989 None

CVE-2024-6999 - Chromium: CVE-2024-6999 Inappropriate implementation in FedCM

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6999
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6999 Inappropriate implementation in FedCM
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6999
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6999 None

CVE-2024-6998 - Chromium: CVE-2024-6998 Use after free in User Education

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6998
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6998 Use after free in User Education
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6998
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6998 None

CVE-2024-6996 - Chromium: CVE-2024-6996 Race in Frames

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6996
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6996 Race in Frames
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6996
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6996 None

CVE-2024-6997 - Chromium: CVE-2024-6997 Use after free in Tabs

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6997
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6997 Use after free in Tabs
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6997
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6997 None

CVE-2024-6994 - Chromium: CVE-2024-6994 Heap buffer overflow in Layout

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6994
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6994 Heap buffer overflow in Layout
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6994
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6994 None

CVE-2024-6993 - Chromium: CVE-2024-6993

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6993
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6993
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6993
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6993 None

CVE-2024-6995 - Chromium: CVE-2024-6995 Inappropriate implementation in Fullscreen

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6995
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6995 Inappropriate implementation in Fullscreen
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6995
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6995 None

CVE-2024-6992 - Chromium: CVE-2024-6992

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6992
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6992
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6992
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6992 None

CVE-2024-7005 - Chromium: CVE-2024-7005 Insufficient validation of untrusted input in Safe Browsing

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-7005
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-7005 Insufficient validation of untrusted input in Safe Browsing
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-7005
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-7005 None

CVE-2024-6991 - Chromium: CVE-2024-6991 Use after free in Dawn

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6991
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6991 Use after free in Dawn
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6991
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6991 None

CVE-2024-7004 - Chromium: CVE-2024-7004 Insufficient validation of untrusted input in Safe Browsing

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-7004
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-7004 Insufficient validation of untrusted input in Safe Browsing
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-7004
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-7004 None

CVE-2024-7003 - Chromium: CVE-2024-7003 Inappropriate implementation in FedCM

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-7003
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-7003 Inappropriate implementation in FedCM
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-7003
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-7003 None

CVE-2024-7001 - Chromium: CVE-2024-7001 Inappropriate implementation in HTML

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-7001
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-7001 Inappropriate implementation in HTML
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-7001
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-7001 None

CVE-2024-7000 - Chromium: CVE-2024-7000 Use after free in CSS

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-7000
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-7000 Use after free in CSS
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-7000
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-7000 None

CVE-2024-38103 - Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38103
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Weakness: CWE-359 : Exposure of Private Personal Information to an Unauthorized Actor
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,2
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


Why is the severity for this CVE rated as Moderate, but the CVSS score is higher than normal?

Per our severity guidelines, the amount of user interaction or preconditions required to allow this sort of exploitation downgraded the severity, specifically it says, "If a bug requires more than a click, a key press, or several preconditions, the severity will be downgraded". The CVSS scoring system doesn't allow for this type of nuance.


Mitigations:
None
Workarounds:
None
Revision:
1.0    25/07/2024    

Information published.


Moderate Information Disclosure

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38103
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Moderate Information Disclosure None Base: 5,9
Temporal: 5,2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C
127.0.2651.74 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38103 Jun Kokatsu


CVE-2024-6387 - RedHat Openssh: CVE-2024-6387 Remote Code Execution Due To A Race Condition In Signal Handling

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6387
MITRE
NVD

Issuing CNA: Red Hat, Inc.

CVE Title: RedHat Openssh: CVE-2024-6387 Remote Code Execution Due To A Race Condition In Signal Handling
Weakness: CWE-364 : Signal Handler Race Condition
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:8,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:

Why is the Red Hat Inc. the assigning CNA (CVE Numbering Authority)?

CVE-2024-6387 is regarding a vulnerability in OppenSSH's server (sshd). Red Hat created this CVE on its behalf.


Is Microsoft Windows vulnerable to CVE-2024-6387?

No, Microsoft Windows is not affected by this vulnerability. Although Windows contains an OpenSSH component, the vulnerable code cannot be exploited or controlled by an adversary.

The race condition used in this exploit is not possible in Windows because of significant differences with login grace timeout handling in the win32-openssh implementation.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11/07/2024    

Information published.


1.1    15/07/2024    

Updated FAQ information. This is an informational change only.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6387
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM openssh (CBL-Mariner) Critical Remote Code Execution None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 openssh (CBL-Mariner) Critical Remote Code Execution None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6387 None

CVE-2024-38156 - Microsoft Edge (Chromium-based) Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38156
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability
Weakness: CWE-79 : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS:

CVSS:3.1 Highest BaseScore:6,1/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability?

Limited information from the victim's browser associated with the vulnerable URL can be sent to the attacker by the malicious code.


What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 116.0.1938.81 N/A 7/11/2024

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 127.0.2651.74 127.0.6533.73 7/11/2024

According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


Mitigations:
None
Workarounds:
None
Revision:
1.0    17/07/2024    

Information published.


Moderate Spoofing

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38156
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Moderate Spoofing None Base: 6,1
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
126.0.2592.102 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38156 Jun Kokatsu


CVE-2024-6779 - Chromium: CVE-2024-6779 Out of bounds memory access in V8

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6779
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6779 Out of bounds memory access in V8
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 126.0.2592.113 126.0.6478.182/183 7/18/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    18/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6779
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
126.0.2592.113 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6779 None

CVE-2024-6773 - Chromium: CVE-2024-6773 Type Confusion in V8

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6773
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6773 Type Confusion in V8
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 126.0.2592.113 126.0.6478.182/183 7/18/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    18/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6773
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
126.0.2592.113 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6773 None

CVE-2024-6772 - Chromium: CVE-2024-6772 Inappropriate implementation in V8

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6772
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6772 Inappropriate implementation in V8
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 126.0.2592.113 126.0.6478.182/183 7/18/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    18/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6772
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
126.0.2592.113 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6772 None

CVE-2024-6775 - Chromium: CVE-2024-6775 Use after free in Media Stream

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6775
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6775 Use after free in Media Stream
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 126.0.2592.113 126.0.6478.182/183 7/18/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    18/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6775
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
126.0.2592.113 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6775 None

CVE-2024-6776 - Chromium: CVE-2024-6776 Use after free in Audio

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6776
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6776 Use after free in Audio
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 126.0.2592.113 126.0.6478.182/183 7/18/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    18/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6776
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
126.0.2592.113 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6776 None

CVE-2024-6778 - Chromium: CVE-2024-6778 Race in DevTools

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6778
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6778 Race in DevTools
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 126.0.2592.113 126.0.6478.182/183 7/18/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    18/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6778
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
126.0.2592.113 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6778 None

CVE-2024-6777 - Chromium: CVE-2024-6777 Use after free in Navigation

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6777
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6777 Use after free in Navigation
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 126.0.2592.113 126.0.6478.182/183 7/18/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    18/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6777
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
126.0.2592.113 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6777 None

CVE-2024-6774 - Chromium: CVE-2024-6774 Use after free in Screen Capture

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-6774
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2024-6774 Use after free in Screen Capture
Weakness: N/A
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released
Stable 126.0.2592.113 126.0.6478.182/183 7/18/2024

Mitigations:
None
Workarounds:
None
Revision:
1.0    18/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-6774
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
126.0.2592.113 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-6774 None

CVE-2023-45288 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45288
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    20/04/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45288
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
ig (CBL-Mariner)
kubernetes (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
0.14.0-1
2.27.0-1
0.29.0-1
1.30.1-1
None
Azure Linux 3.0 x64 docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
ig (CBL-Mariner)
kubernetes (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
0.14.0-1
2.27.0-1
0.29.0-1
1.30.1-1
None
CBL Mariner 2.0 ARM blobfuse2 (CBL-Mariner)
cert-manager (CBL-Mariner)
coredns (CBL-Mariner)
cri-tools (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
2.1.2-3
1.11.2-9
1.11.1-8
1.29.0-2
None
CBL Mariner 2.0 x64 blobfuse2 (CBL-Mariner)
cert-manager (CBL-Mariner)
coredns (CBL-Mariner)
cri-tools (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
2.1.2-3
1.11.2-9
1.11.1-8
1.29.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45288 None

CVE-2019-3816 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-3816
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/04/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


1.0    04/07/2024    

Information published.


1.0    05/07/2024    

Information published.


1.0    06/07/2024    

Information published.


1.0    08/07/2024    

Information published.


1.0    09/07/2024    

Information published.


1.0    10/07/2024    

Information published.


1.0    12/07/2024    

Information published.


1.0    13/07/2024    

Information published.


1.0    14/07/2024    

Information published.


1.0    15/07/2024    

Information published.


1.0    16/07/2024    

Information published.


1.0    17/07/2024    

Information published.


1.0    19/07/2024    

Information published.


1.0    20/07/2024    

Information published.


1.0    21/07/2024    

Information published.


1.0    22/07/2024    

Information published.


1.0    23/07/2024    

Information published.


1.0    24/07/2024    

Information published.


1.0    25/07/2024    

Information published.


1.0    26/07/2024    

Information published.


1.0    27/07/2024    

Information published.


1.0    28/07/2024    

Information published.


1.0    29/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-3816
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Unknown Unknown None
Azure Linux 3.0 x64 Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Unknown Unknown None
CBL Mariner 2.0 ARM openwsman (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.6.8-13 Unknown None
CBL Mariner 2.0 x64 openwsman (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.6.8-13 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-3816 None

CVE-2024-24786 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-24786
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/03/2024    

Information published.


2.0    01/04/2024    

Added node-problem-detector to CBL-Mariner 2.0


1.0    30/06/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-24786
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM azcopy (CBL-Mariner)
docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
ig (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
10.24.0-1
0.14.0-1
2.27.0-1
0.29.0-1
None
Azure Linux 3.0 x64 azcopy (CBL-Mariner)
docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
ig (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
10.24.0-1
0.14.0-1
2.27.0-1
0.29.0-1
None
CBL Mariner 2.0 ARM azcopy (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
kubevirt (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
10.24.0-1
3.2.0.azl2-1
0.59.0-18
None
CBL Mariner 2.0 x64 azcopy (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
kubevirt (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
10.24.0-1
3.2.0.azl2-1
0.59.0-18
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-24786 None

CVE-2023-5156 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5156
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/09/2023    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5156
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.38-6 Unknown None
Azure Linux 3.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.38-6 Unknown None
CBL Mariner 2.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.35-6 Unknown None
CBL Mariner 2.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.35-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5156 None

CVE-2023-4911 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4911
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/10/2023    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4911
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.38-6 Unknown None
Azure Linux 3.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.38-6 Unknown None
CBL Mariner 2.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.35-5 Unknown None
CBL Mariner 2.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.35-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4911 None

CVE-2017-17522 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-17522
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


1.0    30/06/2024    

Information published.


1.0    08/07/2024    

Information published.


1.0    09/07/2024    

Information published.


1.0    10/07/2024    

Information published.


1.0    12/07/2024    

Information published.


1.0    13/07/2024    

Information published.


1.0    14/07/2024    

Information published.


1.0    15/07/2024    

Information published.


1.0    16/07/2024    

Information published.


1.0    17/07/2024    

Information published.


1.0    19/07/2024    

Information published.


1.0    20/07/2024    

Information published.


1.0    21/07/2024    

Information published.


1.0    22/07/2024    

Information published.


1.0    23/07/2024    

Information published.


1.0    24/07/2024    

Information published.


1.0    25/07/2024    

Information published.


1.0    26/07/2024    

Information published.


1.0    27/07/2024    

Information published.


1.0    28/07/2024    

Information published.


1.0    29/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-17522
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.18-3 Unknown None
CBL Mariner 1.0 x64 python2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.18-3 Unknown None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-17522 None

CVE-2007-4559 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2007-4559
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/09/2020    

Information published.


2.0    16/12/2021    

Added python3 to CBL-Mariner 2.0


1.0    30/06/2024    

Information published.


1.0    08/07/2024    

Information published.


1.0    09/07/2024    

Information published.


1.0    10/07/2024    

Information published.


1.0    12/07/2024    

Information published.


1.0    13/07/2024    

Information published.


1.0    14/07/2024    

Information published.


1.0    15/07/2024    

Information published.


1.0    16/07/2024    

Information published.


1.0    17/07/2024    

Information published.


1.0    19/07/2024    

Information published.


1.0    20/07/2024    

Information published.


1.0    21/07/2024    

Information published.


1.0    22/07/2024    

Information published.


1.0    23/07/2024    

Information published.


1.0    24/07/2024    

Information published.


1.0    25/07/2024    

Information published.


1.0    26/07/2024    

Information published.


1.0    27/07/2024    

Information published.


1.0    28/07/2024    

Information published.


1.0    29/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2007-4559
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.7.18-5 Unknown None
CBL Mariner 1.0 x64 python2 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.7.18-5 Unknown None
CBL Mariner 2.0 ARM python3 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.9.19-1 Unknown None
CBL Mariner 2.0 x64 python3 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.9.19-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2007-4559 None

CVE-2019-9674 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-9674
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


1.0    30/06/2024    

Information published.


1.0    08/07/2024    

Information published.


1.0    09/07/2024    

Information published.


1.0    10/07/2024    

Information published.


1.0    12/07/2024    

Information published.


1.0    13/07/2024    

Information published.


1.0    14/07/2024    

Information published.


1.0    15/07/2024    

Information published.


1.0    16/07/2024    

Information published.


1.0    17/07/2024    

Information published.


1.0    19/07/2024    

Information published.


1.0    20/07/2024    

Information published.


1.0    21/07/2024    

Information published.


1.0    22/07/2024    

Information published.


1.0    23/07/2024    

Information published.


1.0    24/07/2024    

Information published.


1.0    25/07/2024    

Information published.


1.0    26/07/2024    

Information published.


1.0    27/07/2024    

Information published.


1.0    28/07/2024    

Information published.


1.0    29/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-9674
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.18-5 Unknown None
CBL Mariner 1.0 x64 python2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.18-5 Unknown None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-9674 None

CVE-2021-23336 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-23336
MITRE
NVD

Issuing CNA: report@snyk.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/02/2021    

Information published.


1.0    30/06/2024    

Information published.


1.0    08/07/2024    

Information published.


1.0    09/07/2024    

Information published.


1.0    10/07/2024    

Information published.


1.0    12/07/2024    

Information published.


1.0    13/07/2024    

Information published.


1.0    14/07/2024    

Information published.


1.0    15/07/2024    

Information published.


1.0    16/07/2024    

Information published.


1.0    17/07/2024    

Information published.


1.0    19/07/2024    

Information published.


1.0    20/07/2024    

Information published.


1.0    21/07/2024    

Information published.


1.0    22/07/2024    

Information published.


1.0    23/07/2024    

Information published.


1.0    24/07/2024    

Information published.


1.0    25/07/2024    

Information published.


1.0    26/07/2024    

Information published.


1.0    27/07/2024    

Information published.


1.0    28/07/2024    

Information published.


1.0    29/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-23336
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner)
python3 (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
2.7.18-6
3.7.10-3
None
CBL Mariner 1.0 x64 python2 (CBL-Mariner)
python3 (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
2.7.18-6
3.7.10-3
None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-23336 None

CVE-2022-3857 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-3857
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-3857
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
CBL Mariner 2.0 ARM libpng (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.6.39-1 Unknown None
CBL Mariner 2.0 x64 libpng (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.6.39-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-3857 None

CVE-2024-20961 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20961
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20961
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20961 None

CVE-2024-20963 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20963
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20963
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20963 None

CVE-2024-20971 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20971
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,9/TemporalScore:4,9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20971
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 4,9
Temporal: 4,9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 4,9
Temporal: 4,9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20971 None

CVE-2024-20981 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20981
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,9/TemporalScore:4,9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20981
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 4,9
Temporal: 4,9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 4,9
Temporal: 4,9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20981 None

CVE-2024-28863 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28863
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28863
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
18.20.3-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
18.20.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28863 None

CVE-2024-3727 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-3727
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,3/TemporalScore:8,3
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-3727
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM containerized-data-importer (CBL-Mariner)
ig (CBL-Mariner)
Unknown Unknown Base: 8,3
Temporal: 8,3
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1.57.0-2
0.29.0-1
None
Azure Linux 3.0 x64 containerized-data-importer (CBL-Mariner)
ig (CBL-Mariner)
Unknown Unknown Base: 8,3
Temporal: 8,3
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1.57.0-2
0.29.0-1
None
CBL Mariner 2.0 ARM containerized-data-importer (CBL-Mariner)
cri-o (CBL-Mariner)
skopeo (CBL-Mariner)
Unknown Unknown Base: 8,3
Temporal: 8,3
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1.55.0-19
1.22.3-4
1.14.2-5
None
CBL Mariner 2.0 x64 containerized-data-importer (CBL-Mariner)
cri-o (CBL-Mariner)
skopeo (CBL-Mariner)
Unknown Unknown Base: 8,3
Temporal: 8,3
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1.55.0-19
1.22.3-4
1.14.2-5
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-3727 None

CVE-2024-31755 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-31755
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,6/TemporalScore:7,6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/05/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-31755
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM apparmor (CBL-Mariner) Unknown Unknown None Base: 7,6
Temporal: 7,6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
3.0.4-4 Unknown None
CBL Mariner 2.0 x64 apparmor (CBL-Mariner) Unknown Unknown None Base: 7,6
Temporal: 7,6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
3.0.4-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-31755 None

CVE-2024-33601 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33601
MITRE
NVD

Issuing CNA: glibc-cna@sourceware.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/05/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33601
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.35-7 Unknown None
CBL Mariner 2.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.35-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33601 None

CVE-2024-33602 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33602
MITRE
NVD

Issuing CNA: glibc-cna@sourceware.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,6/TemporalScore:8,6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/05/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33602
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
2.35-7 Unknown None
CBL Mariner 2.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
2.35-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33602 None

CVE-2024-29160 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29160
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29160
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29160 None

CVE-2024-29165 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29165
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29165
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29165 None

CVE-2024-29164 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29164
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29164
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29164 None

CVE-2024-32614 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32614
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32614
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32614 None

CVE-2024-32613 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32613
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32613
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32613 None

CVE-2024-32612 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32612
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32612
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32612 None

CVE-2024-32616 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32616
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32616
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32616 None

CVE-2024-32618 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32618
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32618
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32618 None

CVE-2024-33874 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33874
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33874
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33874 None

CVE-2024-32623 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32623
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32623
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32623 None

CVE-2023-6121 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6121
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,3/TemporalScore:4,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6121
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 4,3
Temporal: 4,3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
5.15.145.2-1 Unknown None
CBL Mariner 2.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 4,3
Temporal: 4,3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
5.15.145.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6121 None

CVE-2024-26984 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26984
MITRE
NVD

Issuing CNA: cve@kernel.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/05/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26984
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.158.1-1 Unknown None
CBL Mariner 2.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.158.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26984 None

CVE-2023-2976 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-2976
MITRE
NVD

Issuing CNA: cve-coordination@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,1/TemporalScore:7,1
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-2976
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM javapackages-bootstrap (CBL-Mariner)
guava (CBL-Mariner)
Unknown Unknown Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1.5.0-5
25.0-8
None
CBL Mariner 2.0 x64 guava (CBL-Mariner)
javapackages-bootstrap (CBL-Mariner)
Unknown Unknown Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
25.0-8
1.5.0-5
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-2976 None

CVE-2023-6817 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6817
MITRE
NVD

Issuing CNA: cve-coordination@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6817
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.145.2-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.145.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6817 None

CVE-2023-52802 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-52802
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-52802
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.158.2-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.158.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-52802 None

CVE-2024-26978 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26978
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26978
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.160.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.160.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26978 None

CVE-2024-26933 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26933
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26933
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26933 None

CVE-2024-36481 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-36481
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-36481
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.160.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.160.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-36481 None

CVE-2024-38664 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38664
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38664
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38664 None

CVE-2024-32487 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32487
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,6/TemporalScore:8,6
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    22/04/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32487
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM less (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
643-2 Unknown None
Azure Linux 3.0 x64 less (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
643-2 Unknown None
CBL Mariner 2.0 ARM less (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
590-4 Unknown None
CBL Mariner 2.0 x64 less (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
590-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32487 None

CVE-2022-41862 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41862
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,7/TemporalScore:3,7
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41862
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM postgresql (CBL-Mariner) Unknown Unknown None Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
14.11-1 Unknown None
CBL Mariner 2.0 x64 postgresql (CBL-Mariner) Unknown Unknown None Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
14.11-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41862 None

CVE-2024-31584 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-31584
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/04/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-31584
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM pytorch (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
2.0.0-5 Unknown None
CBL Mariner 2.0 x64 pytorch (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
2.0.0-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-31584 None

CVE-2023-5535 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5535
MITRE
NVD

Issuing CNA: security@huntr.dev

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5535
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM vim (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.0.2010-1 Unknown None
CBL Mariner 2.0 x64 vim (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.0.2010-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5535 None

CVE-2024-37535 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37535
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,4/TemporalScore:4,4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37535
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM vte291 (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
0.66.2-3 Unknown None
CBL Mariner 2.0 x64 vte291 (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
0.66.2-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37535 None

CVE-2022-2929 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-2929
MITRE
NVD

Issuing CNA: security-officer@isc.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-2929
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM dhcp (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.4.3.P1-1 Unknown None
Azure Linux 3.0 x64 dhcp (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.4.3.P1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-2929 None

CVE-2022-2928 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-2928
MITRE
NVD

Issuing CNA: security-officer@isc.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-2928
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM dhcp (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.4.3.P1-1 Unknown None
Azure Linux 3.0 x64 dhcp (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.4.3.P1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-2928 None

CVE-2024-31744 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-31744
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-31744
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM jasper (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.2.1-2 Unknown None
Azure Linux 3.0 x64 jasper (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.2.1-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-31744 None

CVE-2023-5363 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5363
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    31/10/2023    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5363
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
38.0.72.2-1
18.20.2-1
None
CBL Mariner 2.0 x64 cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
38.0.72.2-1
18.20.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5363 None

CVE-2023-6237 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6237
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/04/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6237
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1
3.3.0-1
None
Azure Linux 3.0 x64 nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1
3.3.0-1
None
CBL Mariner 2.0 ARM cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
38.0.72.2-1
18.20.2-1
None
CBL Mariner 2.0 x64 cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
38.0.72.2-1
18.20.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6237 None

CVE-2024-4603 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-4603
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-4603
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
38.0.72.2-1
18.20.2-1
None
CBL Mariner 2.0 x64 cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
38.0.72.2-1
18.20.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-4603 None

CVE-2023-42282 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-42282
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/02/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-42282
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
reaper (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
16.20.2-3
18.18.2-4
3.1.1-10
None
CBL Mariner 2.0 x64 nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
reaper (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
16.20.2-3
18.18.2-4
3.1.1-10
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-42282 None

CVE-2024-38472 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38472
MITRE
NVD

Issuing CNA: security@apache.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38472
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM httpd (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.4.61-1 Unknown None
CBL Mariner 2.0 x64 httpd (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.4.61-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38472 None

CVE-2017-15371 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-15371
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-15371
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM sox (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
14.4.2.0-33 Unknown None
CBL Mariner 2.0 x64 sox (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
14.4.2.0-33 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-15371 None

CVE-2021-43565 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-43565
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-43565
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM cf-cli (CBL-Mariner)
cri-o (CBL-Mariner)
moby-buildx (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.4.0-18
1.22.3-5
0.7.1-20
None
CBL Mariner 2.0 x64 cf-cli (CBL-Mariner)
cri-o (CBL-Mariner)
moby-buildx (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.4.0-18
1.22.3-5
0.7.1-20
None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-43565 None

CVE-2017-15370 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-15370
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-15370
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM sox (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
14.4.2.0-33 Unknown None
CBL Mariner 2.0 x64 sox (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
14.4.2.0-33 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-15370 None

CVE-2015-7747 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2015-7747
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2015-7747
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM audiofile (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.3.6-27 Unknown None
Azure Linux 3.0 x64 audiofile (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.3.6-27 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2015-7747 None

CVE-2020-27823 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27823
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27823
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.3.1-12 Unknown None
Azure Linux 3.0 x64 openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.3.1-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27823 None

CVE-2020-27814 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27814
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27814
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.3.1-12 Unknown None
Azure Linux 3.0 x64 openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.3.1-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27814 None

CVE-2020-27824 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27824
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27824
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None
Azure Linux 3.0 x64 openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27824 None

CVE-2020-27841 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27841
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27841
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None
Azure Linux 3.0 x64 openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27841 None

CVE-2020-27843 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27843
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27843
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None
Azure Linux 3.0 x64 openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27843 None

CVE-2020-27845 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27845
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27845
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None
Azure Linux 3.0 x64 openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27845 None

CVE-2020-8597 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-8597
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-8597
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ppp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.4.7-36 Unknown None
Azure Linux 3.0 x64 ppp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.4.7-36 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-8597 None

CVE-2020-8112 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-8112
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-8112
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.3.1-12 Unknown None
Azure Linux 3.0 x64 openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.3.1-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-8112 None

CVE-2024-3651 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-3651
MITRE
NVD

Issuing CNA: security@huntr.dev

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-3651
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM python-idna (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.7-1 Unknown None
CBL Mariner 2.0 x64 python-idna (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.7-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-3651 None

CVE-2019-20907 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-20907
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


1.0    30/06/2024    

Information published.


1.0    08/07/2024    

Information published.


1.0    09/07/2024    

Information published.


1.0    10/07/2024    

Information published.


1.0    12/07/2024    

Information published.


1.0    13/07/2024    

Information published.


1.0    14/07/2024    

Information published.


1.0    15/07/2024    

Information published.


1.0    16/07/2024    

Information published.


1.0    17/07/2024    

Information published.


1.0    19/07/2024    

Information published.


1.0    20/07/2024    

Information published.


1.0    21/07/2024    

Information published.


1.0    22/07/2024    

Information published.


1.0    23/07/2024    

Information published.


1.0    24/07/2024    

Information published.


1.0    25/07/2024    

Information published.


1.0    26/07/2024    

Information published.


1.0    27/07/2024    

Information published.


1.0    28/07/2024    

Information published.


1.0    29/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-20907
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner)
python3 (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.18-5
3.7.10-3
None
CBL Mariner 1.0 x64 python2 (CBL-Mariner)
python3 (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.18-5
3.7.10-3
None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-20907 None

CVE-2017-18207 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-18207
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


1.0    30/06/2024    

Information published.


1.0    08/07/2024    

Information published.


1.0    09/07/2024    

Information published.


1.0    10/07/2024    

Information published.


1.0    12/07/2024    

Information published.


1.0    13/07/2024    

Information published.


1.0    14/07/2024    

Information published.


1.0    15/07/2024    

Information published.


1.0    16/07/2024    

Information published.


1.0    17/07/2024    

Information published.


1.0    19/07/2024    

Information published.


1.0    20/07/2024    

Information published.


1.0    21/07/2024    

Information published.


1.0    22/07/2024    

Information published.


1.0    23/07/2024    

Information published.


1.0    24/07/2024    

Information published.


1.0    25/07/2024    

Information published.


1.0    26/07/2024    

Information published.


1.0    27/07/2024    

Information published.


1.0    28/07/2024    

Information published.


1.0    29/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-18207
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.7.18-5 Unknown None
CBL Mariner 1.0 x64 python2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.7.18-5 Unknown None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-18207 None

CVE-2023-4039 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4039
MITRE
NVD

Issuing CNA: arm-security@arm.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,8/TemporalScore:4,8
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/09/2023    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4039
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM gcc (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
13.2.0-7 Unknown None
Azure Linux 3.0 x64 gcc (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
13.2.0-7 Unknown None
CBL Mariner 2.0 ARM gcc (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
11.2.0-6 Unknown None
CBL Mariner 2.0 x64 gcc (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
11.2.0-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4039 None

CVE-2019-3833 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-3833
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/04/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    08/07/2024    

Information published.


1.0    09/07/2024    

Information published.


1.0    10/07/2024    

Information published.


1.0    12/07/2024    

Information published.


1.0    13/07/2024    

Information published.


1.0    14/07/2024    

Information published.


1.0    15/07/2024    

Information published.


1.0    16/07/2024    

Information published.


1.0    17/07/2024    

Information published.


1.0    19/07/2024    

Information published.


1.0    20/07/2024    

Information published.


1.0    21/07/2024    

Information published.


1.0    22/07/2024    

Information published.


1.0    23/07/2024    

Information published.


1.0    24/07/2024    

Information published.


1.0    25/07/2024    

Information published.


1.0    26/07/2024    

Information published.


1.0    27/07/2024    

Information published.


1.0    28/07/2024    

Information published.


1.0    29/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-3833
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
Azure Linux 3.0 x64 Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 2.0 ARM openwsman (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.6.8-13 Unknown None
CBL Mariner 2.0 x64 openwsman (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.6.8-13 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-3833 None

CVE-2021-33454 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-33454
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-33454
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM yasm (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.3.0-15 Unknown None
CBL Mariner 2.0 x64 yasm (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.3.0-15 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-33454 None

CVE-2023-3978 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-3978
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,1/TemporalScore:6,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/08/2023    

Information published.


2.0    18/01/2024    

Added packer to CBL-Mariner 2.0


1.0    30/06/2024    

Information published.


1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-3978
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kubevirt (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1.2.0-1
1.29.4-1
None
Azure Linux 3.0 x64 kubevirt (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1.2.0-1
1.29.4-1
None
CBL Mariner 2.0 ARM packer (CBL-Mariner)
telegraf (CBL-Mariner)
vitess (CBL-Mariner)
Unknown Unknown Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1.10.1-1
1.27.4-1
17.0.7-1
None
CBL Mariner 2.0 x64 packer (CBL-Mariner)
telegraf (CBL-Mariner)
vitess (CBL-Mariner)
Unknown Unknown Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1.10.1-1
1.27.4-1
17.0.7-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-3978 None

CVE-2024-1298 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-1298
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6/TemporalScore:6
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/06/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-1298
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
Unknown Unknown Base: 6
Temporal: 6
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
20230301gitf80f052277c8-39
1.0.1-3
None
CBL Mariner 2.0 x64 edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
Unknown Unknown Base: 6
Temporal: 6
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
20230301gitf80f052277c8-39
1.0.1-3
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-1298 None

CVE-2024-20965 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20965
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,9/TemporalScore:4,9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20965
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 4,9
Temporal: 4,9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 4,9
Temporal: 4,9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20965 None

CVE-2024-20967 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20967
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20967
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20967 None

CVE-2024-20969 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20969
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20969
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20969 None

CVE-2024-20977 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20977
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20977
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20977 None

CVE-2024-20973 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20973
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20973
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20973 None

CVE-2024-20985 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20985
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20985
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None
CBL Mariner 2.0 x64 mysql (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
8.0.36-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20985 None

CVE-2024-28182 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28182
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28182
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
18.20.3-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
18.20.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28182 None

CVE-2024-5742 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-5742
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,7/TemporalScore:4,7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-5742
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM nano (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
6.0-3 Unknown None
CBL Mariner 2.0 x64 nano (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
6.0-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-5742 None

CVE-2024-37891 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37891
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,4/TemporalScore:4,4
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37891
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM python-urllib3 (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1.26.19-1 Unknown None
CBL Mariner 2.0 x64 python-urllib3 (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1.26.19-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37891 None

CVE-2023-39325 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-39325
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/10/2023    

Information published.


2.0    24/10/2023    

Added moby-compose to CBL-Mariner 2.0 Added moby-containerd-cc to CBL-Mariner 2.0 Added vitess to CBL-Mariner 2.0


2.0    28/10/2023    

Added coredns to CBL-Mariner 2.0


4.0    18/01/2024    

Added packer to CBL-Mariner 2.0


5.0    02/02/2024    

Added kata-containers-cc to CBL-Mariner 2.0


6.0    07/03/2024    

Added kata-containers to CBL-Mariner 2.0


5.0    20/04/2024    

Added git-lfs to CBL-Mariner 2.0


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-39325
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM etcd (CBL-Mariner)
moby-containerd-cc (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.5.12-1
1.7.7-3
1.29.4-1
None
Azure Linux 3.0 x64 etcd (CBL-Mariner)
moby-containerd-cc (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.5.12-1
1.7.7-3
1.29.4-1
None
CBL Mariner 2.0 ARM blobfuse2 (CBL-Mariner)
coredns (CBL-Mariner)
cri-tools (CBL-Mariner)
etcd (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.1.1-1
1.11.1-2
1.29.0-2
3.5.12-1
None
CBL Mariner 2.0 x64 blobfuse2 (CBL-Mariner)
coredns (CBL-Mariner)
cri-tools (CBL-Mariner)
etcd (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.1.1-1
1.11.1-2
1.29.0-2
3.5.12-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-39325 None

CVE-2024-34250 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-34250
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,2/TemporalScore:6,2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/05/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-34250
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM fluent-bit (CBL-Mariner) Unknown Unknown None Base: 6,2
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.2.3-1 Unknown None
CBL Mariner 2.0 x64 fluent-bit (CBL-Mariner) Unknown Unknown None Base: 6,2
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.2.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-34250 None

CVE-2024-29158 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29158
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29158
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29158 None

CVE-2024-29162 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29162
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29162
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29162 None

CVE-2024-29163 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29163
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29163
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29163 None

CVE-2024-32605 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32605
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32605
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32605 None

CVE-2024-32615 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32615
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32615
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32615 None

CVE-2024-32620 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32620
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32620
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32620 None

CVE-2024-32619 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32619
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32619
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32619 None

CVE-2024-33877 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33877
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33877
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33877 None

CVE-2021-3847 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-3847
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-3847
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-3847 None

CVE-2024-26913 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26913
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26913
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26913 None

CVE-2024-36477 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-36477
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-36477
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-36477 None

CVE-2024-39291 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-39291
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-39291
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.160.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-39291 None

CVE-2023-2455 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-2455
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,4/TemporalScore:5,4
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-2455
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM postgresql (CBL-Mariner) Unknown Unknown None Base: 5,4
Temporal: 5,4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
14.11-1 Unknown None
CBL Mariner 2.0 x64 postgresql (CBL-Mariner) Unknown Unknown None Base: 5,4
Temporal: 5,4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
14.11-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-2455 None

CVE-2024-31583 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-31583
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    22/04/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-31583
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM pytorch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.0.0-4 Unknown None
CBL Mariner 2.0 x64 pytorch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.0.0-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-31583 None

CVE-2023-0464 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-0464
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/03/2023    

Information published.


2.0    24/04/2023    

Added nodejs18 to CBL-Mariner 2.0


3.0    11/10/2023    

Added edk2 to CBL-Mariner 2.0


4.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-0464
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-37 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-37 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.1.1k-15 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.1.1k-15 Unknown None
CBL Mariner 2.0 ARM edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-34
1.0.1-3
18.17.1-2
1.1.1k-22
None
CBL Mariner 2.0 x64 edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-34
1.0.1-3
18.17.1-2
1.1.1k-22
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-0464 None

CVE-2023-22742 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-22742
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-22742
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM libgit2 (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1.4.5-1
1.72.0-2
None
CBL Mariner 2.0 x64 libgit2 (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1.4.5-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-22742 None

CVE-2024-29161 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29161
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29161
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29161 None

CVE-2024-33873 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33873
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    12/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33873
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.14.4.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33873 None

CVE-2018-25032 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-25032
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    31/03/2022    

Information published.


2.0    17/09/2022    

Added mariadb to CBL-Mariner 1.0 Added python3 to CBL-Mariner 1.0


3.0    17/04/2023    

Added tcl to CBL-Mariner 1.0


4.0    18/04/2023    

Added boost to CBL-Mariner 2.0


5.0    19/04/2023    

Added nmap to CBL-Mariner 2.0 Added tcl to CBL-Mariner 2.0


1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-25032
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
grpc (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
1.62.0-2
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
grpc (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
1.62.0-2
None
CBL Mariner 1.0 ARM boost (CBL-Mariner)
erlang (CBL-Mariner)
mariadb (CBL-Mariner)
nmap (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.66.0-4
24.2-2
10.3.36-1
7.90-4
None
CBL Mariner 1.0 x64 boost (CBL-Mariner)
erlang (CBL-Mariner)
mariadb (CBL-Mariner)
nmap (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.66.0-4
24.2-2
10.3.36-1
7.90-4
None
CBL Mariner 2.0 ARM boost (CBL-Mariner)
cloud-hypervisor-cvm (CBL-Mariner)
nmap (CBL-Mariner)
qt5-qtbase (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.76.0-3
38.0.72.2-1
7.93-1
5.15.9-1
None
CBL Mariner 2.0 x64 boost (CBL-Mariner)
cloud-hypervisor-cvm (CBL-Mariner)
nmap (CBL-Mariner)
qt5-qtbase (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.76.0-3
38.0.72.2-1
7.93-1
5.15.9-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-25032 None

CVE-2023-45853 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45853
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/10/2023    

Information published.


2.0    17/10/2023    

Added tcl to CBL-Mariner 2.0


1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45853
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM keras (CBL-Mariner)
rust (CBL-Mariner)
tcl (CBL-Mariner)
zlib (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1.1-1
1.75.0-1
8.6.13-3
1.3.1-1
None
Azure Linux 3.0 x64 keras (CBL-Mariner)
rust (CBL-Mariner)
tcl (CBL-Mariner)
zlib (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1.1-1
1.75.0-1
8.6.13-3
1.3.1-1
None
CBL Mariner 2.0 ARM boost (CBL-Mariner)
cloud-hypervisor (CBL-Mariner)
cloud-hypervisor-cvm (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.76.0-4
32.0-2
38.0.72.2-1
1.72.0-5
None
CBL Mariner 2.0 x64 boost (CBL-Mariner)
cloud-hypervisor (CBL-Mariner)
cloud-hypervisor-cvm (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.76.0-4
32.0-2
38.0.72.2-1
1.72.0-5
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45853 None

CVE-2023-5678 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5678
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/11/2023    

Information published.


2.0    07/03/2024    

Added kata-containers to CBL-Mariner 2.0


3.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5678
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kata-containers-cc (CBL-Mariner)
edk2 (CBL-Mariner)
kata-containers (CBL-Mariner)
nodejs (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3.2.0.azl1-1
20240223gitedc6681206c1-1
20.14.0-1
None
Azure Linux 3.0 x64 edk2 (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20240223gitedc6681206c1-1
3.2.0.azl1-1
20.14.0-1
None
CBL Mariner 2.0 ARM cloud-hypervisor-cvm (CBL-Mariner)
hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
38.0.72.2-1
1.0.1-3
3.2.0.azl1-1
None
CBL Mariner 2.0 x64 cloud-hypervisor-cvm (CBL-Mariner)
hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
38.0.72.2-1
1.0.1-3
3.2.0.azl1-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5678 None

CVE-2023-6129 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6129
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/01/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6129
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
20.14.0-1
3.3.0-1
None
Azure Linux 3.0 x64 nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
20.14.0-1
3.3.0-1
None
CBL Mariner 2.0 ARM cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
38.0.72.2-1
18.20.2-1
None
CBL Mariner 2.0 x64 cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
38.0.72.2-1
18.20.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6129 None

CVE-2024-2511 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-2511
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/04/2024    

Information published.


1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-2511
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1
3.3.0-1
None
Azure Linux 3.0 x64 nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1
3.3.0-1
None
CBL Mariner 2.0 ARM cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
38.0.72.2-1
18.20.2-1
1.1.1k-30
None
CBL Mariner 2.0 x64 cloud-hypervisor-cvm (CBL-Mariner)
nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
38.0.72.2-1
18.20.2-1
1.1.1k-30
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-2511 None

CVE-2024-0727 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0727
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/01/2024    

Information published.


2.0    07/03/2024    

Added kata-containers to CBL-Mariner 2.0


3.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0727
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kata-containers-cc (CBL-Mariner)
kata-containers (CBL-Mariner)
nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
3.2.0.azl1-1
20.14.0-1
3.3.0-1
None
Azure Linux 3.0 x64 kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
3.2.0.azl1-1
20.14.0-1
3.3.0-1
None
CBL Mariner 2.0 ARM cloud-hypervisor-cvm (CBL-Mariner)
hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
38.0.72.2-1
1.0.1-3
3.2.0.azl1-1
None
CBL Mariner 2.0 x64 cloud-hypervisor-cvm (CBL-Mariner)
hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
38.0.72.2-1
1.0.1-3
3.2.0.azl1-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0727 None

CVE-2023-27478 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-27478
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/06/2024    

Information published.


1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-27478
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libmemcached-awesome (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.1.4-1 Unknown None
Azure Linux 3.0 x64 libmemcached-awesome (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.1.4-1 Unknown None
CBL Mariner 2.0 ARM libmemcached-awesome (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.1.4-1 Unknown None
CBL Mariner 2.0 x64 libmemcached-awesome (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.1.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-27478 None

CVE-2017-18214 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-18214
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-18214
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM reaper (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.1.1-10 Unknown None
CBL Mariner 2.0 x64 reaper (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.1.1-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-18214 None

CVE-2024-37890 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37890
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37890
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM reaper (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.1.1-10 Unknown None
CBL Mariner 2.0 x64 reaper (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.1.1-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37890 None

CVE-2024-36387 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-36387
MITRE
NVD

Issuing CNA: security@apache.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-36387
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.61-1 Unknown None
CBL Mariner 2.0 x64 httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.61-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-36387 None

CVE-2024-38473 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38473
MITRE
NVD

Issuing CNA: security@apache.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38473
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.61-1 Unknown None
CBL Mariner 2.0 x64 httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.61-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38473 None

CVE-2024-39884 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-39884
MITRE
NVD

Issuing CNA: security@apache.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-39884
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.61-1 Unknown None
CBL Mariner 2.0 x64 httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.61-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-39884 None

CVE-2024-29038 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29038
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,3/TemporalScore:4,3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29038
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM tpm2-tools (CBL-Mariner) Unknown Unknown None Base: 4,3
Temporal: 4,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
4.3.2-2 Unknown None
CBL Mariner 2.0 x64 tpm2-tools (CBL-Mariner) Unknown Unknown None Base: 4,3
Temporal: 4,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
4.3.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29038 None

CVE-2024-29039 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29039
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9/TemporalScore:9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29039
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM tpm2-tools (CBL-Mariner) Unknown Unknown None Base: 9
Temporal: 9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
4.3.2-2 Unknown None
CBL Mariner 2.0 x64 tpm2-tools (CBL-Mariner) Unknown Unknown None Base: 9
Temporal: 9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
4.3.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29039 None

CVE-2024-37298 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37298
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37298
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.29.4-7 Unknown None
CBL Mariner 2.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.29.4-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37298 None

CVE-2020-15503 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-15503
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-15503
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM LibRaw (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.19.5-5 Unknown None
Azure Linux 3.0 x64 LibRaw (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.19.5-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-15503 None

CVE-2020-27842 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27842
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27842
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None
Azure Linux 3.0 x64 openjpeg2 (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.3.1-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27842 None

CVE-2024-40725 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-40725
MITRE
NVD

Issuing CNA: security@apache.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-40725
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.62-1 Unknown None
CBL Mariner 2.0 x64 httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.62-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-40725 None

CVE-2024-40898 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-40898
MITRE
NVD

Issuing CNA: security@apache.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-40898
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.62-1 Unknown None
CBL Mariner 2.0 x64 httpd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.62-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-40898 None

CVE-2024-5535 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-5535
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-5535
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.1.1k-33 Unknown None
CBL Mariner 2.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.1.1k-33 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-5535 None